Guidelines on Securing Public Web Servers
determining the extent of possible damage.  If an integrity checker detects unauthorized system 
file modifications, the possibility of a security incident should be considered and investigated 
according to the organization's incident response and reporting policy and procedures.   
5.4 Securely Installing and Configuring the Web Server Checklist
Completed | Action

Securely installing the Web server
[ ] Install the server software on a dedicated host
[ ] Install minimal Internet services required
[ ] Apply any patches or upgrades to correct for known vulnerabilities
[ ] Create a dedicated physical disk or logical partition (separate from operating system and server application) for Web content
[ ] Remove or disable all services installed by the Web server application but not required (e.g., gopher, FTP, and remote administration)
[ ] Remove all sample documents, scripts, and executable code
[ ] Remove all vendor documentation from server
[ ] Apply appropriate security template or hardening script to server
[ ] Reconfigure HTTP service banner (and others as required) NOT to report Web server and operating system type and version

Configuring Web server host operating system access controls
[ ] Configured so that Web content files can be read but not written by Web service processes
[ ] Configured so that Web service processes cannot write the directories where public Web content is stored
[ ] Configured so that only processes authorized for Web server administration can write Web content files
[ ] Configured so that Web application can write Web server log files, but log files cannot be read by the Web server application
[ ] Configured so that temporary files created by Web server application are restricted to a specified and appropriately protected subdirectory
[ ] Configured so that access to any temporary files created by Web server application is limited to the Web service process(es) that created these files
[ ] Installed with Web content on a different hard drive or logical partition than the operating system and Web application
[ ] Configured so that if uploads are allowed to the Web server, a limit is placed on the amount of hard drive space that is dedicated for this purpose
[ ] Configured so that log files are stored in a location that is sized appropriately
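
The access-control items above can be checked mechanically. The following is an added example, not part of the original guideline: it audits a content tree and a log directory from plain Unix mode bits for one Web service identity, reporting content that the service can write or cannot read, and log files it can read or cannot write. The function names, finding labels and sample tree are constructed for illustration, and POSIX ACLs or other extended permissions are assumed absent.

```python
import os
import tempfile

def rights(st, uid, gids):
    """(read, write) that uid/gids get from the mode bits alone (ACLs ignored)."""
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    bits = (st.st_mode >> shift) & 0o7   # owner, group or other permission class
    return bool(bits & 0o4), bool(bits & 0o2)

def audit(content_root, log_dir, uid, gids):
    """Return checklist violations for the Web service identity (uid, gids)."""
    findings = []
    for dirpath, _dirs, files in os.walk(content_root):
        if rights(os.stat(dirpath), uid, gids)[1]:
            findings.append(("content-dir-writable", dirpath))
        for name in files:
            path = os.path.join(dirpath, name)
            readable, writable = rights(os.stat(path), uid, gids)
            if writable:
                findings.append(("content-file-writable", path))
            if not readable:
                findings.append(("content-file-unreadable", path))
    for name in os.listdir(log_dir):
        path = os.path.join(log_dir, name)
        readable, writable = rights(os.stat(path), uid, gids)
        if readable:
            findings.append(("log-readable", path))
        if not writable:
            findings.append(("log-not-writable", path))
    return sorted(findings)

def demo():
    """Constructed sample tree, audited as the current user (stand-in service account)."""
    with tempfile.TemporaryDirectory() as top:
        web, logs = os.path.join(top, "htdocs"), os.path.join(top, "logs")
        os.mkdir(web)
        os.mkdir(logs)
        for folder, name, mode in [(web, "index.html", 0o444), (web, "form.html", 0o644),
                                   (logs, "access.log", 0o200), (logs, "error.log", 0o600)]:
            path = os.path.join(folder, name)
            open(path, "w").close()
            os.chmod(path, mode)
        os.chmod(web, 0o555)           # service account cannot write the directory
        found = audit(web, logs, os.getuid(), set(os.getgroups()))
        os.chmod(web, 0o755)           # restore so the temp tree can be deleted
        return [(kind, os.path.basename(p)) for kind, p in found]

if __name__ == "__main__":
    print(demo())
```

On a real host, pass the Web service account's numeric uid and group ids instead of the current user's, and run the audit from an administrative account that can stat every path.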