Strategies for securing web servers

• Backup data frequently, or...
• Store originals on another system and...
• Use encrypted login/file transfer services (e.g, with SSH
• Stay on top of bug reports and patches for your server and OS
• Partition services (mail on mail server, HTML on web server, etc.)
• Eliminate unnecessary network services (Unix Security Overview talk)
• Limit web services to only necessary and "safe" services
  • No "server side includes"
  • Only use "as user" CGI scripts
  • Eliminate all example scripts
• Mirror log files on another system
• Consider using security technologies like SSL, SET, Certificates, etc. (this is not trivial)

• Q7: What general security precautions should I take?
• Administering Very High Volume Internet Services by Don Mosedale, William Foss, and Rob McCool of Netscape Communications
• Steps to take to improve your network's security (Unix Security Overview talk)
• Keith Gardner's Are You Safe? page
• Designing secure software -- SunWorld, April 1998
• Back issues of SunWorld Online's Web Security, Network Security, and Electronic Commerce articles

[Next] | [Prev] | [Top]