O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 18. Web Server Security

IN THIS CHAPTER

Understanding and preventing security issues that affect Macs running web servers

Requiring authentication to view portions of a website

Encrypting transmissions of web pages with SSL

Preventing attackers from installing malicious software using web forms

Protecting databases used to deliver web content

Apache, the world's most popular web server software, is built into every copy of Mac OS X. What's more, it takes just a few clicks to turn it on, making your Mac a web server you can use to run a personal or business website that the world can see. However, running a web server exposes your Mac to a number of additional risks and makes it much more of a target than it would otherwise be. In this chapter, I cover the fundamentals of protecting your Mac and its data while it's being used as a web server. Apart from configuring Apache and other parts of Mac OS X securely, you learn how to password-protect portions of your site, encrypt web pages with SSL, avoid common exploits and attacks, and, if applicable, keep any web-connected databases secure.

This chapter covers the sorts of things you should be concerned with when using the version of Apache in the standard version of Leopard or Snow Leopard and activated using the Sharing pane of System Preferences. Although most of the same general principles apply to other web servers, to custom builds of Apache, or to the version of Apache included with Mac OS X Server, I don't specifically ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required