Guidelines on Securing Public Web Servers
Executive Summary
The World Wide Web (WWW) is a system for exchanging information over the Internet. At
the most basic level, the Web can be divided into two principal components: Web servers,
which are applications that make information available over the Internet (in essence publish
information) and Web browsers (clients), which are used to access and display the information
stored on the Web servers. This document focuses on the security issues of Web servers.[1]
Unfortunately, the Web server is the most targeted and attacked host on most organizations' networks. As a result, it is essential to secure Web servers and the network infrastructure that supports them. The specific security threats to Web servers generally fall into one of the following categories:
- Malicious entities may exploit software bugs in the Web server, the underlying operating system, or active content to gain unauthorized access to the Web server. Examples of unauthorized access are gaining access to files or folders that were not meant to be publicly accessible, executing privileged commands, or installing software on the Web server.
- Denial of service (DoS) attacks may be directed at the Web server, denying valid users the ability to use the Web server for the duration of the attack.
- Sensitive information on the Web server may be distributed to unauthorized individuals.
- Sensitive information that is not encrypted when transmitted between the Web server and the browser may be intercepted.
- Information on the Web server may be changed for malicious purposes. Web site defacement is a commonly reported example of this threat.
- Malicious entities may gain unauthorized access to resources elsewhere in the organization's computer network via a successful attack on the Web server.
- Malicious entities may attack external organizations from a compromised Web server, concealing their actual identities and perhaps making the organization from which the attack was launched liable for damages.
- The server may be used as a distribution point for illegally copied software, attack tools, or pornography, perhaps making the organization liable for damages.
This document is intended to assist organizations in installing, configuring, and maintaining secure public Web servers. More specifically, this document describes in detail the following practices to apply:
- Securing, installing, and configuring the underlying operating system
[1] For more information on securing Web browsers, see NIST Special Publication 800-46, Security for Telecommuting and Broadband Communications (http://csrc.nist.gov/publications/nistpubs/index.html).