Preventing Web Attacks with Apache

8. Protecting a Flawed Web Application: Buggy Bank

“Give a man an audit and he will be secure for a day. Teach a man to audit and he will be secure for the rest of his life.”

—David Rhoades

So, you want to put the knowledge that you learned in Chapter 7 to use, huh? In order to do this, you first must have an application that has some known vulnerabilities to use as the target. Do you have access to such an application? The common response is no, since due diligence requires that any vulnerabilities should have already had an appropriate patch or fix applied. Another option would be to probe and test someone else’s web server; however, this is not a good idea unless your future plan is to fine-tune your web security skills while sitting in jail. ...

Get Preventing Web Attacks with Apache now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Preventing Web Attacks with Apache by

8. Protecting a Flawed Web Application: Buggy Bank

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly