"Securing Apache series" tag
Tightened Security

Securing Apache, Part 11: Logs, et al.

In this final part of the series, we will discover how to strengthen security in Apache by logging and other miscellaneous ways. Configuring a system to be secure is indeed a key task,…

All checks in place!

Securing Apache, Part 10: mod_security

Right from Part 1 of this series, we’ve covered the major types of attacks being done on Web applications — and their security solutions. In this article, I will reveal the tremendous capabilities…

Secured!

Securing Apache, Part 9: Attacks that Target PHP-based Instances

Beginning with Part 1 of this series, we have covered all major attacks on Web applications and servers, with examples of vulnerable PHP code. In this article, we will cover those attacks that…

Secured!

Securing Apache, Part 8: DoS & DDoS Attacks

In this part of the series, we focus on DoS/DDoS attacks, which have been among the major threats to Web servers since the beginning of the Web 2.0 era. Denial of Service (DoS)…

Locked!

Securing Apache, Part 7: Fool-proofing the Server OS

Moving deeper into Web application and Apache security, let’s now focus on OS commanding attacks, and those that lead to the disclosure of crucial information and server directory paths. The attacks described below…

Secured!

Securing Apache, Part 6: Attacks on Session Management

In this part of the series, we are going to concentrate on attacks on session management. Application-level attacks on the session is about obtaining or manipulating the session ID without any prior information…

Secured!

Securing Apache, Part 5: HTTP Message Architecture

In the last four articles in this series, we have discussed SQL injection, XSS, CSRF, XST and XSHM attacks, and security solutions. This article focuses on attacks exploiting the HTTP message architecture in…

Locked up!

Securing Apache, Part 4: Cross-site Tracing (XST) & Cross-site History Manipulation (XSHM)

This series of articles addresses the Web security concerns of information security experts, systems administrators and all those who want to jump-start their careers in this domain. This time we will delve deeper…

Security measures

Securing Apache, Part 2: XSS Injections

In the previous article in this series, we started our journey to a secured Apache by dissecting its internals. We then looked at various attacks against Web applications via injection flaws, beginning with…

All published articles are released under Creative Commons Attribution-NonCommercial 3.0 Unported License, unless otherwise noted.
Open Source For You is powered by WordPress, which gladly sits on top of a CentOS-based LEMP stack.

Creative Commons License.