4 Web server security

In this chapter

  • The importance of validating inputs sent to a web server
  • How escaping control characters in output can defuse many attacks on a web server
  • The correct HTTP methods to use when fetching and editing resources on a web server
  • How using multiple overlapping layers of defense can help keep your web server secure
  • How restricting permissions in the web server can help protect your application

In chapter 2, we dealt with security in the browser. In this chapter, we will look at the other end of the HTTP conversation: the web server. Web servers are notionally simpler than browsers—essentially, they are machines for reading HTTP requests and writing HTTP responses—but they are also far more common targets for hackers. ...
