XI Internet Web Server Security
Web server security is becoming more and more important, as more and more commerce is being conducted over the web. Today, most web servers are protected by firewalls (as described above), and many are also situated behind proxy servers that offer an additional layer of protection. Despite these safety efforts, web servers are still vulnerable due to bugs in the servers software.
No web server is immune from so-called exploits which take advantage of programming errors in the servers. As a responsible network administrator, you should keep up to date on the availability of security patches for your particular web server software, be it IIS, Apache, or some other product. (And more than keeping up to date on patch availability, you should keep up to date on patch APPLICATION).
As noted previously, traffic between the web server and the end user is a concern as well, because the data is being transmitted between the end-user and the web site is often sensitive (including personal details, credit card numbers, etc.). When designing web pages, take care to see that pages, which reference these types of sensitive information, use the SSL protocol mentioned in our discussion of encryption.
Home - Table Of Contents - Contact Us
CertiGuide for Network+ (http://www.CertiGuide.com/netplus/) on CertiGuide.com
Version 1.0 - Version Date: November 7, 2004
Adapted with permission from a work created by Tcat Houser and Helen O’Boyle.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.