Apache Security
Ivan Ristic
Language: English
Pages: 432
ISBN: 0596007248
Format: PDF / Kindle (mobi) / ePub
With more than 67% of web servers running Apache, it is by far the most widely used web server platform in the world. Apache has evolved into a powerful system that easily rivals other HTTP servers in terms of functionality, efficiency, and speed. Despite these impressive capabilities, though, Apache is only a beneficial tool if it's a secure one.
To be sure, administrators installing and configuring Apache still need a sure-fire way to secure it-whether it's running a huge e-commerce operation, corporate intranet, or just a small hobby site.
Our new guide, Apache Security, gives administrators and webmasters just what they crave-a comprehensive security source for Apache. Successfully combining Apache administration and web security topics, Apache Security speaks to nearly everyone in the field. What's more, it offers a concise introduction to the theory of securing Apache, as well as a broad perspective on server security in general.
But this book isn't just about theory. The real strength of Apache Security lies in its wealth of interesting and practical advice, with many real-life examples and solutions. Administrators and programmers will learn how to:
- install and configure Apache
- prevent denial of service (DoS) and other attacks
- securely share servers
- control logging and monitoring
- secure custom-written web applications
- conduct a web security assessment
- use mod_security and other security-related modules
And that's just the tip of the iceberg, as mainstream Apache users will also gain valuable information on PHP and SSL/ TLS. Clearly, Apache Security is packed and to the point, with plenty of details for locking down this extremely popular and versatile web server.
as a means to obtain a proper audit log, but it grew to include other security features. There are two versions of the module, one for each major Apache branch, and they are almost identical in functionality. In the Apache 2 version, mod_security uses the advanced filtering API available in that version, making interception of the response body possible. The Apache 2 version is also more efficient in terms of memory consumption. In short, mod_security does the following: Intercepts HTTP requests
Arabian horse was a gift from Allah. Its broad forehead, curved profile, wide-set eyes, arched neck, and high tail are distinct features of the Arabian breed, and these characteristics were highly valued and obsessed over during the breeding process. Because the Bedouins valued purity of strain above all else, many tribes owned only one primary strain of horse. These strains, or families, were named according to the tribe that bred them, and the genealogy of strains was always traced through the
need to understand how the Apache platform works in order to assess the security of systems deployed on it. Scope At the time of this writing, two major Apache branches are widely used. The Apache 1.x branch is the well-known, and well-tested, web server that led Apache to dominate the web server market. The 2.0.x branch is the next-generation web server, but one that has suffered from the success of the previous branch. Apache 1 is so good that many of its users do not intend to
you will be surprised how full-featured some of them are. For examples, see the following: CGITelnet.pl (http://www.rohitab.com/cgiscripts/cgitelnet.html) PhpShell (http://www.gimpster.com/wiki/PhpShell) PerlWebShell (http://yola.in-berlin.de/perlwebshell/) You cannot stop users from running web shells, but by having proper filesystem configuration or virtual filesystems, you can make them a nonissue. Still, you may want to have cron scripts that look through customers' cgi-bin/
find plenty of recommendations for additional reading throughout. The relevant issues for us are covered in Chapter 9, with references to other materials (books, and documents available online) that offer more detailed coverage. Chapter 12 describes a network-level technique relevant to Apache security, that of web intrusion detection. The network view is illustrated in Figure 1-2. Common network-level components include: Network devices (e.g., servers, routers) Clients (e.g., browsers)