IN THIS CHAPTER
Understanding and preventing security issues that affect Macs running web servers
Requiring authentication to view portions of a website
Encrypting transmissions of web pages with SSL
Preventing attackers from installing malicious software using web forms
Protecting databases used to deliver web content
Apache, the world's most popular web server software, is built into every copy of Mac OS X. What's more, it takes just a few clicks to turn it on, making your Mac a web server you can use to run a personal or business website that the world can see. However, running a web server exposes your Mac to a number of additional risks and makes it much more of a target than it would otherwise be. In this chapter, I cover the fundamentals of protecting your Mac and its data while it's being used as a web server. Apart from configuring Apache and other parts of Mac OS X securely, you learn how to password-protect portions of your site, encrypt web pages with SSL, avoid common exploits and attacks, and, if applicable, keep any web-connected databases secure.
This chapter covers the sorts of things you should be concerned with when using the version of Apache in the standard version of Leopard or Snow Leopard and activated using the Sharing pane of System Preferences. Although most of the same general principles apply to other web servers, to custom builds of Apache, or to the version of Apache included with Mac OS X Server, I don't specifically ...