Web Server Security

Last Updated on 6 Sept. 2006, Total: 17 Articles and Tutorials

  1. How URL Authorization Increases Web Server Security

    Web servers, by their very nature, are usually exposed to outsiders and thus are vulnerable to compromise and attack. Internet Information Services (IIS) version 6, included with Windows Server 2003, provides a number of new security features designed to increase web server security. One of these is URL authorization, which works in conjunction with Server 2003’s Authorization Manager. In this... Read More

  2. Installing and Securing IIS Servers (Part 1)

    IIS, an acronym for Internet Information Services is a web application server program that handles HTTP requests, ranking second in popularity (after Apache). Its popularity is mainly due to the fact that IIS sites are so easy to implement - just a few mouse-clicks away - from a total disaster... Read More

  3. Installing and Securing IIS Servers (Part 2)

    The previous article showed you how to install, configure and, finally, how to connect your new Web Server to the Internet. Now you may be sure that the server runs securely. You have subscribed to Microsoft security bulletins not to omit any important patches. All you have to do now is to rest on your laurels. Are you sure about... Read More

  4. Installing and Securing IIS Servers (Part 3)

    In Part I of the series we dealt with the installation of the IIS service whilst Part II covered issues related to configuring an IIS Server to handle encrypted connections. Until now, we used Internet Services Manager, a standard administration tool, to introduce changes in the IIS configuration settings. Part III is concerned with some new administration methods allowing one... Read More

  5. Locking Down IIS 6.0 with .NET: The Default Security Wizard

    Yeah, you’ve heard it a million times. How often you hear that IIS has been hacked, another unchecked buffer (the millionth one this year) and no, not another service pack or hot fix!... Read More

  6. Protect your Web Servers with SSL

    HTTP communications are fine for the average Web server, which just contains informational pages. But if you’re thinking about running an e-commerce site or other Web services that require secure transactions, you need to be able to encrypt communications between your Web server and its clients. The most common means is by the use of Secure Sockets Layer (SSL), which... Read More

  7. SPIKE and BURP for real world computer security usage (Part 1)

    This article series will demonstrate how to use an HTTP proxy... Read More

  8. SPIKE and BURP for real world computer security usage (Part 2)

    In this part two of the article series we will actually use an HTTP proxy and find out more on how you can use this very useful tool... Read More

  9. SPIKE and BURP for real world computer security usage (Part 3)

    This article is the last in a series based on SPIKE the HTTP proxy... Read More

  10. SPIKE and BURP for real world computer security usage (Part 4)

    In previous articles we covered the SPIKE HTTP proxy, and how to use it. Well there are many different HTTP proxies out there, and the BURP HTTP proxy is one of the better ones. Choosing an HTTP proxy to use is often a matter of preference... Read More