View unanswered posts | View active topics It is currently Thu Nov 21, 2024 8:06 pm



Post new topic Reply to topic  [ 1 post ] 
 Web Servers Pay Particular Attention to Security 
Author Message

Joined: Thu Aug 26, 2010 9:46 pm
Posts: 17
Location: Uik
Post Web Servers Pay Particular Attention to Security
Web Servers Pay Particular Attention to Security

Web Servers
If you are hosting your Web site on your own server, you need to pay particular
attention to security. You should probably install intrusion detection software such as
Tripwire. Here are some other basic steps you can take to help create a more secure Web site:
* Running the Server
Servers running on Unix and Linux should be run as an account with little or no access. If you need a Web user, then make sure that that user account has no permissions on the server. NEVER RUN YOUR SERVER AS ROOT. It is better to run the server as "nobody", and only run as a Web user if you absolutely have to.
* CGI-BIN Directory
Make sure that your interpreters (programs that run your CGIs) are not stored in your cgi-bin directory. Perl, sh, Tcl, and so on, should be in directories that are not
accessible from the Web. CGI programs that use an interpreter should call that interpreter with the first line of the CGI.
* Insecure CGIs
The most common problem with CGIs is that they allow readers to input anything to the Web server. For example, if you have a Web form that doesn't check the data before passing it to the server, a hacker using your site could type in code to view your /etc/passwd file. There is a CERT tech tip that explains how to do this.

The best place to go to learn about security on the Internet is the CERT Coordination Center. There you can find out about new vulnerabilities and solutions immediately.

Thanks


Thu Aug 26, 2010 9:51 pm
Profile WWW
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 


Who is online

Users browsing this forum: No registered users and 8 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by Vjacheslav Trushkin for Free Forums/DivisionCore.