Linux Server Security (2nd Edition( [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

Linux Server Security (2nd Edition( [Electronic resources] - نسخه متنی

Michael D. Bauer

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید







Chapter 10. Securing Web Servers


You've hardened
your server from the bottom up, with an external firewall protecting
your DMZ, a local firewall blocking ports, and all the latest patches
applied to your operating system. Your fortress is impregnable. But
then you blast a hole straight through all these walls to a port on
your server. Then you let anyone in the world wander in and run
programs on your server, using their own input.
You've lost touch with realityand/or
you're a web administrator.

The Web continues to grow, and security problems follow. As firewalls
and security tools improve, attacks move up the food chain,
particularly toward web applications. In this chapter, I assume that
you are hosting web servers and are responsible for their security.
Although the examples discuss servers exposed to the Internet, most
of the discussion applies to intranets and extranets as well. The
platform is still LAMP: Linux,
Apache, MySQL,
PHP (and
Perl).
I'll talk about A,
M, and P here. MySQL
database server security is covered in Chapter 8, but database access from Perl and PHP is
discussed here. We'll see how to protect your whole
web environmentserver, content, applicationsand keep
the weasels out of your web house.


/ 94