Apache Security

ISBN-10: 0596007248

ISBN-13: 9780596007249

Edition: 2005

Authors: Ivan Ristic

List price: $34.95

With more than 67% of web servers running Apache, it is by far the most widely used web server platform in the world. Apache has evolved into a powerful system that easily rivals other HTTP servers in terms of functionality, efficiency, and speed. Despite these impressive capabilities, though, Apache is only a beneficial tool if it's a secure one. To be sure, administrators installing and configuring Apache still need a sure-fire way to secure it, whether it's running a huge e-commerce operation, a corporate intranet, or just a small hobby site. Our new guide, "Apache Security," gives administrators and webmasters just what they crave: a comprehensive security source for Apache. Successfully combining Apache administration and web security topics, "Apache Security" speaks to nearly everyone in the field. What's more, it offers a concise introduction to the theory of securing Apache, as well as a broad perspective on server security in general. But this book isn't just about theory. The real strength of "Apache Security" lies in its wealth of interesting and practical advice, with many real-life examples and solutions. Administrators and programmers will learn how to: install and configure Apache; prevent denial of service (DoS) and other attacks; securely share servers; control logging and monitoring; secure custom-written web applications; conduct a web security assessment; and use mod_security and other security-related modules. And that's just the tip of the iceberg, as mainstream Apache users will also gain valuable information on PHP and SSL/TLS. Clearly, "Apache Security" is packed and to the point, with plenty of details for locking down this extremely popular and versatile web server.
Book details

Copyright year: 2005
Publisher: O'Reilly Media, Incorporated
Publication date: 3/7/2005
Binding: Paperback
Pages: 432
Size: 7.25" wide x 9.50" long x 1.00" tall
Weight: 1.540
Language: English

Apache Security Principles
Security Definitions
Essential Security Principles
Common Security Vocabulary
Security Process Steps
Threat Modeling
System-Hardening Matrix
Calculating Risk
Web Application Architecture Blueprints
User View
Network View
Apache View
Installation and Configuration
Source or Binary
Static Binary or Dynamic Modules
Folder Locations
Installation Instructions
Configuration and Hardening
Setting Up the Server User Account
Setting Apache Binary File Permissions
Configuring Secure Defaults
Enabling CGI Scripts
Setting Server Configuration Limits
Preventing Information Leaks
Changing Web Server Identity
Changing the Server Header Field
Removing Default Content
Putting Apache in Jail
Tools of the chroot Trade
Using chroot to Put Apache in Jail
Using the chroot(2) Patch
Using mod_security or mod_chroot
Using PHP as a Module
Using PHP as a CGI
Choosing Modules
Disabling Undesirable Options
Disabling Functions and Classes
Restricting Filesystem Access
Setting Logging Options
Setting Limits
Controlling File Uploads
Increasing Session Security
Setting Safe Mode Options
Advanced PHP Hardening
PHP 5 SAPI Input Hooks
Symmetric Encryption
Asymmetric Encryption
One-Way Encryption
Public-Key Infrastructure
How It All Falls into Place
SSL Communication Summary
Is SSL Secure?
Apache and SSL
Installing mod_ssl
Generating Keys
Generating a Certificate Signing Request
Signing Your Own Certificate
Getting a Certificate Signed by a CA
Configuring SSL
Setting Up a Certificate Authority
Preparing the CA Certificate for Distribution
Issuing Server Certificates
Issuing Client Certificates
Revoking Certificates
Using Client Certificates
Performance Considerations
SSL Benchmark Script
Hardware Acceleration
Denial of Service Attacks
Network Attacks
Malformed Traffic
Brute-Force Attacks
SYN Flood Attacks
Source Address Spoofing
Distributed Denial of Service Attacks
Reflection DoS Attacks
Self-Inflicted Attacks
Badly Configured Apache
Poorly Designed Web Applications
Real-Life Client Problems
Traffic Spikes
Content Compression
Bandwidth Attacks
The Slashdot Effect
Attacks on Apache
Apache Vulnerabilities
Brute-Force Attacks
Programming Model Attacks
Local Attacks
PAM Limits
Process Accounting
Kernel Auditing
Traffic-Shaping Modules
DoS Defense Strategy
Sharing Servers
Sharing Problems
File Permission Problems
Dynamic-Content Problems
Sharing Resources
Same Domain Name Problems
Information Leaks on Execution Boundaries
Distributing Configuration Data
Securing Dynamic Requests
Enabling Script Execution
Setting CGI Script Limits
Using su
Running PHP as a Module
Working with Large Numbers of Users
Web Shells
Dangerous Binaries
Access Control
Authentication Methods
Basic Authentication
Digest Authentication
Form-Based Authentication
Access Control in Apache
Basic Authentication Using Plaintext Files
Basic Authentication Using DBM Files
Digest Authentication
Certificate-Based Access Control
Network Access Control
Proxy Access Control
Final Access Control Notes
Single Sign-on
Web Single Sign-on
Simple Apache-Only Single Sign-on
Logging and Monitoring
Apache Logging Facilities
Request Logging
Error Logging
Special Logging Modules
Audit Log
Performance Measurement
File Upload Interception
Application Logs
Logging as Much as Possible
Log Manipulation
Piped Logging
Log Rotation
Issues with Log Distribution
Remote Logging
Manual Centralization
Syslog Logging
Database Logging
Distributed Logging with the Spread Toolkit
Logging Strategies
Log Analysis
File Integrity
Event Monitoring
Web Server Status
Application Isolation Strategies
Isolating Applications from Servers
Isolating Application Modules
Utilizing Virtual Servers
Host Security
Restricting and Securing User Access
Deploying Minimal Services
Gathering Information and Monitoring Events
Securing Network Access
Advanced Hardening
Keeping Up to Date
Network Security
Firewall Usage
Centralized Logging
Network Monitoring
External Monitoring
Using a Reverse Proxy
Apache Reverse Proxy
Reverse Proxy by Network Design
Reverse Proxy by Redirecting Network Traffic
Network Design
Reverse Proxy Patterns
Advanced Architectures
Web Application Security
Session Management Attacks
Session Management Concepts
Keeping in Touch with Clients
Session Tokens
Session Attacks
Good Practices
Attacks on Clients
Typical Client Attack Targets
Application Logic Flaws
Cookies and Hidden Fields
POST Method
Referrer Check Flaws
Process State Management
Client-Side Validation
Information Disclosure
HTML Source Code
Directory Listings
Verbose Error Messages
Debug Messages
File Disclosure
Path Traversal
Application Download Flaws
Source Code Disclosure
Predictable File Locations
Injection Flaws
SQL Injection
Cross-Site Scripting
Command Execution
Code Execution
Preventing Injection Attacks
Buffer Overflows
Evasion Techniques
Simple Evasion Techniques
Path Obfuscation
URL Encoding
Unicode Encoding
Null-Byte Attacks
SQL Evasion
Web Application Security Resources
General Resources
Web Application Security Resources
Web Security Assessment
Black-Box Testing
Information Gathering
Web Server Analysis
Web Application Analysis
Attacks Against Access Control
Vulnerability Probing
White-Box Testing
Architecture Review
Configuration Review
Functional Review
Gray-Box Testing
Web Intrusion Detection
Evolution of Web Intrusion Detection
Is Intrusion Detection the Right Approach?
Log-Based Web Intrusion Detection
Real-Time Web Intrusion Detection
Web Intrusion Detection Features
Using mod_security
Introduction
More Configuration Advice
Deployment Guidelines
Detecting Common Attacks
Advanced Topics
Appendix: Tools