
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Chapter 10: Securing Web Servers
Strengthen
Never trust user input. Secure access to external files and programs.
Diversify
Use layers of protection. Don’t rely on security by obscurity, or on any single mechanism, such as a password.
Document
Write down what you’ve done because you won’t remember it. Honest.
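The Strengthen item is the one web scripts violate most often, so here is an added example (mine, not code from the book) of what “never trust user input” and “secure access to external files and programs” look like in practice, in Python: a username is checked against an allowlist before it goes anywhere near an external program, the program is invoked with an argument vector instead of a shell command string, and a user-requested filename is confined to a report directory. The /var/www/reports directory, the sample requests, and the use of echo as a stand-in for an external program such as finger are assumptions made for the illustration.

```python
# Added example, not code from the book: "never trust user input" applied to
# the two places a web script usually hands that input onward, an external
# program and the filesystem. The report directory, the sample requests and
# the use of "echo" as a stand-in external program are all hypothetical.
import re
import subprocess
from pathlib import Path
from typing import Callable, List

# Constructed samples of raw values a CGI script might pull from a query string.
SAMPLE_USERNAMES = ["alice", "alice; rm -rf /"]
SAMPLE_REPORTS = ["report-2007.txt", "../../etc/passwd", "/etc/passwd"]

# Allowlist: the only characters a username may legitimately contain.
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_-]{0,31}$")

# Hypothetical directory that user-requested reports must stay inside.
REPORT_ROOT = Path("/var/www/reports")


def unsafe_command(user: str) -> str:
    """The anti-pattern: splice raw input into a string destined for the shell.
    Returned rather than executed here, so the injection stays visible and harmless."""
    return "finger " + user  # "alice; rm -rf /" turns one command into two


def validate_username(user: str) -> str:
    """Accept only what matches the allowlist; anything else raises ValueError."""
    if not USERNAME_RE.match(user):
        raise ValueError("invalid username: %r" % user)
    return user


def run_external(argv: List[str]) -> str:
    """Run a program from an explicit argument vector. With no shell=True there
    is no /bin/sh in the picture, so ';', '|' and '$(...)' inside an argument are
    delivered to the program literally instead of being interpreted."""
    result = subprocess.run(argv, capture_output=True, text=True, check=True)
    return result.stdout.rstrip("\n")


def safe_report_path(name: str) -> Path:
    """Confine a user-supplied filename to REPORT_ROOT. Resolving the joined
    path collapses '..' components, discards the root when `name` is absolute,
    and follows symlinks; the result must still sit directly under the root."""
    root = REPORT_ROOT.resolve()
    candidate = (root / name).resolve()
    if candidate.parent != root:
        raise ValueError("path escapes report directory: %r" % name)
    return candidate


def accepted(check: Callable[[str], object], value: str) -> bool:
    """True if `check` lets the value through, False if it raised ValueError."""
    try:
        check(value)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    hostile = SAMPLE_USERNAMES[1]
    print("string the shell would see:  ", unsafe_command(hostile))
    # The same hostile value handed over as one argv element stays literal.
    print("same value as an argv element:", run_external(["echo", hostile]))
    for raw in SAMPLE_USERNAMES:
        print("username %-18r -> %s" % (raw, "ok" if accepted(validate_username, raw) else "rejected"))
    for raw in SAMPLE_REPORTS:
        print("report   %-18r -> %s" % (raw, "ok" if accepted(safe_report_path, raw) else "rejected"))
```

The two checks are deliberately independent layers: the allowlist rejects anything that does not look like a username, and the argument-vector call means that even a value that slipped past the allowlist could not grow extra commands, because nothing ever parses it as shell syntax. The path check likewise does not try to enumerate bad patterns; it asks only whether the resolved result still lives where it is supposed to.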
The Web Server
A secure web service starts with a secure web server, which in turn starts with good
code—no buffer overflows or other bugs that let an attacker run code as the server
and go on to gain root privileges. Apache has had a handful of critical vulnerabilities
over the past few years, and the project has generally released fixed versions promptly.
Apache powers about two-thirds of the 55 million hosts in the monthly Netcraft survey
(http://news.netcraft.com/archives/web_server_survey.html).
Microsoft’s Internet Information Server (IIS), with less than a third of Apache’s
market share, has had many critical and ongoing security problems. A Microsoft
Security Bulletin issued in April 2002 described 10 critical problems in IIS 4 and 5,
including buffer overruns, denial of service, and cross-site scripting; several of
them give the attacker full system privileges. IIS 6 is reportedly better.
In practice, most Apache security problems are caused by configuration errors, and
I’ll