 | KalyanSantosh
Share Knowledge
|
|
| | | part3 |  Sat Aug 27, 2011 7:22 pm by Admin | 5. What are the most important steps you would recommend for securing a new web server? Web application?
Goal of question – Once again, there is no right or wrong answer, however we are interested in what the applicant views as important.
Web Server Security:
• Update/Patch the web server software
• Minimize the server functionality – disable extra modules
• Delete default data/scripts
• Increase logging verboseness
• Update Permissions/Ownership of files
Web Application Security:
• Make sure Input Validation is enforced within the code - Security QA testing
• Configured to display generic error messages
• Implement a software security policy
• Remove or protect hidden files and directories
Advanced Level Questions
1. Imagine that we are running an Apache reverse proxy server and one of the servers we are proxy for is a Windows IIS server. What does the log entry suggest has happened? What would you do in response to this entry?
| | Comments: 0 |
| | Statistics | We have 61 registered users
The newest registered user is Veeresh
Our users have posted a total of 124 messages in 121 subjects
|
| Who is online? | In total there is 1 user online :: 0 Registered, 0 Hidden and 1 Guest None Most users ever online was 19 on Tue May 17, 2011 8:38 pm |
|
| |
|
Home 
Gallery 
Calendar 
FAQ 
Search 
Register 
Memberlist 
Usergroups 
Log in 
