From the Publisher
Apache has seized an unchallenged superiority over other web servers. Its strength lies in its modular, scalable, robust architecture. Today the Apache server manages 66% of all web-based Internet traffic, which means that any breach in Apache security directly affects the majority of the web servers deployed worldwide! Powerful web servers like Apache have many complex features that make security a challenging task. Furthermore, the growth in e-commerce has also brought the realization that reputation damage from a security breach is one of the fastest ways to erode customer and industry trust. This book provides an in-depth discussion on how to secure Apache. It provides comprehensive information on planning and implementing security at protocol, application and system levels. In addition, this book provides an overview of strategic defense against would-be crackers. This book is a tutorial, a resource, and a reference for Apache administrators, security analysts, web developers and system architects who want to secure Apache on UNIX and its variant platforms. Here is the book in a nutshell:
- Overview of a secure Apache installation and configuration process
- Dissection of the effects of HTTP and URL on server security
- Coverage of authentication and authorization
- Security at protocol, application, and system level
- Usage of chrooting, CGI scripts, logging, and session tracking
- Coverage of DoS attacks, cookies, and cryptography
- Implementation and use of SSL to enable security at the transport layer
- Setting up a secure Apache server for an E-Commerce web site
About the Author
Tony Mobily is a technical writer and technical editor who manages the Italian computer magazine "Login", and works daily with many Internet technologies. He is a senior system administrator and a security expert, and has lots of fun playing with buffer overflows, DoS attacks, and firewalls.
Paul Weinstein devotes his energies to developing and integrating web-based systems. He has become knowledgeable in the detailed workings of many tools of the trade, including Apache, Perl, PHP, SSL, MySQL, and Linux. Currently, he works as Chief Consultant for Waubonsie Consulting, spending a good amount of his time communicating his past experience in technical articles and presentations to others.
Mark Wilcox is the senior integration specialist with WebCT, Inc., the leading provider of higher education e-learning solutions. His areas of expertise include LDAP, authentication, security, and application integration.
Brian P. Rickabaugh is a senior systems architect for a global conglomerate in the financial, manufacturing and media industries. He is also president of StrayCat Incorporated, a small business focused primarily on software consulting services. He has been developing web-centric object-oriented software in C/C++ and Java for six years. He is also a huge proponent of open source software and the positive impact it can have on small, medium and large organizations. His current focus is on XML and implementing Web Services technologies for internal and external systems integration.
Debashish Bhattacharjee is a principal consultant with IBM Global Services. His areas of expertise are systems integration and project management. He has served as chief architect and led technical teams tasked with the implementation of e-commerce applications, portal implementations, web infrastructure, ERP, and client-server applications.
Sandip Bhattacharya is an open source enthusiast and an active participant in various open source communities in India, especially his local LUG at Delhi (ILUGD). He has been professionally involved in open source based technologies for the past three years. He is currently a freelance programmer and consults businesses on ways to use the open source revolution to their advantage.
Kapil Sharma is an Internet security and Unix consultant. He enjoys working on firewalls, load balancers, VPN, clustering, cryptography, white hat hacking, and various Unix flavours. He is actively involved in the open source community and has contributed many technical articles on system and network security.