18.1. The Basics of Running a Secure Web Server

I want to begin this section with a few words of reassurance. If you're running a simple website (or several) on your Mac, with only static content, such as text, pictures, and movies — and if you take a few simple, commonsense steps to protect your Mac — you're quite safe. With such a setup, your risk of suffering at the hands of web-trolling evildoers is barely higher than if you weren't running a web server at all. Fortunately, that's exactly what many home and small-office Mac users want to do.

The security risks involved in running a web server begin to creep in when you do any of the following:

  • Use Server Side Includes (SSI) or Common Gateway Interface (CGI) programs to put dynamic content on your pages

  • Use scripting languages, such as PHP, Perl, or Python, to process forms or perform other behind-the-scenes functions

  • Use databases, such as MySQL, to store data for your websites


    Database programs with built-in web servers, such as FileMaker Pro and Panorama, are largely resistant to the sorts of dangers that affect common Unix-based database engines.

  • Turn on software features without understanding what they do

  • Paste code into your web pages that you don't understand

If you're doing none of these — for example, merely sharing a blog or photo gallery you created in iWeb with your friends and family — you can skim over this chapter, double-check a few essential settings, and leave it at that. But if you're engaging in any of ...
