By Ivan Ristic
First Edition
February 2005
Pages: 420
ISBN 10: 0-596-00724-8
ISBN 13: 9780596007249
This all-purpose guide for locking down Apache arms readers with all the information they need to securely deploy applications. Administrators and programmers alike will benefit from a concise introduction to the theory of securing Apache, plus a wealth of practical advice and real-life examples. Topics covered include installation, server sharing, logging and monitoring, web applications, PHP and SSL/TLS, and more.
Full Description
- install and configure Apache
- prevent denial of service (DoS) and other attacks
- securely share servers
- control logging and monitoring
- secure custom-written web applications
- conduct a web security assessment
- use mod_security and other security-related modules
Media reviews
"...any Apache administrator or developer will benefit, in terms of increased security, from the information provided in this book."
--Robert Slade, Internet Review Project
"...I have found this book to be excellent. It is written in a teaching style, covering general security where appropriate, then linking each concept to the specific mutation within the http protocol that underlies web server operation. In order to create security techniques for a process or program, one really needs to understand the program and security. Ristic clearly does. The best part is his writing in such a way that you learn as you read through the book. I have a special appreciation of techies who can communicate ideas...Apache Security certainly will go on my O'Reilly Apache bookshelf next to Apache The Definitive Guide and the Apache Cookbook. It is a highly recommended book for anyone, but especially for those who run (or want to run) an Apache web server."
--Robert Bruen, IEEE-Security.org, December 2005
"If you are responsible for rolling out Apache, you will benefit from the detailed coverage of the hardening process. Going well beyond the official documentation, Ivan explains the reasoning and benefits of each step. Similarly, the SSL how-to is followed by an analysis of the practical issues in SSL (e.g. users lack awareness of browser warnings for SSL)... The book is peppered with interesting sidebars, from the informative one on Apache backdoors to the amusing one on the Alan Ralsky Denial of Service. This book is a must-read for Apache administrators; web developers will also enjoy Ivan's direct writing..."
--Palisade Application Security Intelligence, August 2005
"A number of books in the last couple of years have specifically addressed Apache security, but I was particularly impressed with Ivan Ristic's Apache Security. Rather than just providing an expanded description of the Apache documentation, the author takes a problem-solution approach. The book goes into detail about why a particular issue is important, as well as why one would want to implement a given solution. The author gets into the background behind the issues, showing how things work, rather than just telling you what to configure."
--James Mohr, Linux-Magazine.com, June 2005
"One of the first things that I do while reviewing a book is to find all the things that the text doesn't cover that it *really* should have and point them out in my review. Simply put this book has everything, and I do mean everything... The audience for this book ranges from novice users straight to web developers. If you run Apache in a production environment, your basement, or run IIS and were curious of Apache's available features this book is a must."
--CGISecurity.com, June 2005
"The author of this book wrote the mod_security Apache module, and is clearly suited to the task of writing a book on Apache security. The content of the book is clear and precise, giving a balanced discussion of the problems faced by Apache server administrators, and the solutions they can employ, where any exist. There is something in this book for everyone running an Apache server, regardless of the environment in which they run it. Users running a small web server from home will benefit from the first chapters, detailing how to install Apache in a more secure configuration, whilst professional hosting managers will benefit from the discussions of shared hosting techniques later in the book...The readability and accuracy of the content in this book, together with the relaxed writing style and self-contained chapters make this book ideal for anyone wishing to learn more about Apache security."
--Andrew J. Bennieston, Security-Forums.com, August 2005
"I've never seen so much Apache specific security information in one place! ... Since I'm in the process of setting up a new webserver, I'll be keeping this book by my side each step of the way as I do so. This book is highly recommended."
--Jerry Singleton, Edmonton Linux User Group (ELUG), May 2005
"Apache Security by Ivan Ristic is a 'complete guide' to securing an Apache Web Server; there is a lot here that is covered and much is cross-platform and generic enough anybody can learn from this book. Much of the information isn't just Apache-specific. And it touches on just about everything one would need to practice safe serving."
--Robert Pritchett, MacCompanion, May 2005






