Web Server Security

Last Updated on 6 Sept. 2006, Total: 17 Articles and Tutorials

  1. SSL Acceleration and Offloading: What Are the Security Implications?

    Secure Sockets Layer (SSL) is a popular method for encrypting data transferred over the Internet. It is commonly used to provide secure transfer of credit card information and other sensitive data in an e-commerce situation. SSL can also be used to create a virtual private networking (VPN) tunnel, as an alternative to “old standbys” IPSec and PPTP. I will discuss... Read More

  2. How URL Authorization Increases Web Server Security

    Web servers, by their very nature, are usually exposed to outsiders and thus are vulnerable to compromise and attack. Internet Information Services (IIS) version 6, included with Windows Server 2003, provides a number of new security features designed to increase web server security. One of these is URL authorization, which works in conjunction with Server 2003’s Authorization Manager. In this... Read More

  3. Secure Architecture for an SQL / Web Server

    There are many ways to hack a Web server. One cannot assume that database servers are unassailable fortresses. So what should one do if a Web server which derives data from a database needs to be made accessible? The most obvious answer to this question is to run like hell to a calmer job. Luckily there are other, more rational... Read More

  4. Installing and Securing IIS Servers (Part 3)

    In Part I of the series we dealt with the installation of the IIS service whilst Part II covered issues related to configuring an IIS Server to handle encrypted connections. Until now, we used Internet Services Manager, a standard administration tool, to introduce changes in the IIS configuration settings. Part III is concerned with some new administration methods allowing one... Read More

  5. Installing and Securing IIS Servers (Part 2)

    The previous article showed you how to install, configure and, finally, how to connect your new Web Server to the Internet. Now you may be sure that the server runs securely. You have subscribed to Microsoft security bulletins not to omit any important patches. All you have to do now is to rest on your laurels. Are you sure about... Read More

  6. Installing and Securing IIS Servers (Part 1)

    IIS, an acronym for Internet Information Services is a web application server program that handles HTTP requests, ranking second in popularity (after Apache). Its popularity is mainly due to the fact that IIS sites are so easy to implement - just a few mouse-clicks away - from a total disaster... Read More

  7. Locking Down IIS 6.0 with .NET: The Default Security Wizard

    Yeah, you’ve heard it a million times. How often you hear that IIS has been hacked, another unchecked buffer (the millionth one this year) and no, not another service pack or hot fix!... Read More