7. Mitigating the WASC Web Security Threat Classification with Apache
In the previous chapter, we discussed the steps necessary to properly secure a standard Apache installation. Although the updated configurations applied to Apache will certainly result in a more secure web server, the resulting web server’s functionality is significantly diminished. On today’s World Wide Web, most organizations have a requirement to add in some form of dynamic web application. After applying all of the security settings to a default Apache install, you are now choosing to install some form of complex application that very well may open up different vulnerabilities. Once you implement applications that need to track user sessions and allow interaction with databases, ...
Get Preventing Web Attacks with Apache now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
