• Complain
LitArk » Books » Computer

Ivan Ristic - Apache Security

Here you can read online Ivan Ristic - Apache Security full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2005, publisher: OReilly Media, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

No cover
  • Book:
    Apache Security
  • Author:
  • Publisher:
    OReilly Media
  • Genre:
  • Year:
    2005
  • Rating:
    4 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 80
    • 1
    • 2
    • 3
    • 4
    • 5

Apache Security: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Apache Security" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

With more than 67% of web servers running Apache, it is by far the most widely used web server platform in the world. Apache has evolved into a powerful system that easily rivals other HTTP servers in terms of functionality, efficiency, and speed. Despite these impressive capabilities, though, Apache is only a beneficial tool if its a secure one. To be sure, administrators installing and configuring Apache still need a sure-fire way to secure it--whether its running a huge e-commerce operation, corporate intranet, or just a small hobby site. Our new guide, Apache Security, gives administrators and webmasters just what they crave--a comprehensive security source for Apache. Successfully combining Apache administration and web security topics, Apache Securityspeaks to nearly everyone in the field. Whats more, it offers a concise introduction to the theory of securing Apache, as well as a broad perspective on server security in general. But this book isnt just about theory. The real strength of Apache Securitylies in its wealth of interesting and practical advice, with many real-life examples and solutions. Administrators and programmers will learn how to: install and configure Apache prevent denial of service (DoS) and other attacks securely share servers control logging and monitoring secure custom-written web applications conduct a web security assessment use mod_security and other security-related modules And thats just the tip of the iceberg, as mainstream Apache users will also gain valuable information on PHP and SSL/ TLS. Clearly, Apache Securityis packed and to the point, with plenty of details for locking down this extremely popular and versatile web server.

Ivan Ristic: author's other books


Who wrote Apache Security? Find out the surname, the name of the author of the book and a list of all author's works by series.


Ivan Ristic - Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications
Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications
Ivan Ristic
Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications
Ivan Ristić - OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands
OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands
Ivan Ristić
OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands
Ivan Ristić - OpenSSL Cookbook
OpenSSL Cookbook
Ivan Ristić
OpenSSL Cookbook
No cover
No cover
Ivan Ristic
Apache Security

Apache Security — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Apache Security" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
1234567...115
Apache Security
Ivan Ristic

Copyright 2009 O'Reilly Media, Inc.

OReilly Media Dedication To my dear wife Jelena who makes my life worth - photo 1

O'Reilly Media
Dedication

To my dear wife Jelena, who makes my life worth living.

Preface

There is something about books that makes them one of the most precious things in the world. I've always admired people who write them, and I have always wanted to write one myself. The book you are now holding is a result of many years of work with the referenced Internet technologies and almost a year of hard work putting the words on paper. The preface may be the first thing you are reading, but it is the last thing I am writing. And I can tell you it has been quite a ride.

Aside from my great wish to be a writer in the first place, which only helped me in my effort to make the book as good as possible, there is a valid reason for its existence: a book of this profile is greatly needed by all those who are involved with web security. I, and many of the people I know, need it. I've come to depend on it in my day-to-day work, even though at the time of this writing it is not yet published. The reason this book is needed is that web security is affected by some diverse factors, which interact with each other in web systems and affect their security in varied, often subtle ways. Ultimately, what I tried to do was create one book to contain all the information one needs to secure an Apache-based system. My goal was to write a book I could safely recommend to anyone who is about to deploy on Apache, so I would be confident they would succeed provided they followed the advice in the book. You have, in your hands, the result of that effort.

Audience

This book aims to be a comprehensive Apache security resource. As such, it contains a lot of content on the intermediate and advanced levels. If you have previous experience with Apache, I expect you will have no trouble jumping to any part of the book straight away. If you are completely new to Apache, you will probably need to spend a little time learning the basics first, perhaps reading an Apache administration book or taking one of the many tutorials available online. Since Apache Security covers many diverse topics, it's likely that no matter what level of experience you have you are likely to have a solid starting point.

This book does not assume previous knowledge of security. Security concepts relevant for discussion are introduced and described wherever necessary. This is especially true for web application security, which has its own chapter.

The main thing you should need to do your job in addition to this book, is the Apache web server's excellent reference documentation (http://httpd.apache.org/docs/).

The book should be especially useful for the following groups:

System administrators

Their job is to make web systems secure. This book presents detailed guidance that enables system administrators to make informed decisions about which measures to take to enhance security.

Programmers

They need to understand how the environment in which their applications are deployed works. In addition, this book shows how certain programming errors lead to vulnerabilities and tells what to do to avoid such problems.

System architects

They need to know what system administrators and programmers do, and also need to understand how system design decisions affect overall security.

Web security professionals

They need to understand how the Apache platform works in order to assess the security of systems deployed on it.

Scope

At the time of this writing, two major Apache branches are widely used. The Apache 1.x branch is the well-known, and well-tested, web server that led Apache to dominate the web server market. The 2.0.x branch is the next-generation web server, but one that has suffered from the success of the previous branch. Apache 1 is so good that many of its users do not intend to upgrade in the near future. A third branch, 2.2.x will eventually become publicly available. Although no one can officially retire an older version, the new 2.2.x branch is a likely candidate for a version to replace Apache 1.3.x. The Apache branches have few configuration differences. If you are not a programmer (meaning you do not develop modules to extend Apache), a change from an older branch to a newer branch should be straightforward.

This book covers both current Apache branches. Wherever there are differences in the configuration for the two branches, such differences are explained. The 2.2.x branch is configured in practically the same way as the 2.0.x branch, so when the new branch goes officially public, the book will apply to it equally well.

Many web security issues are directly related to the operating system Apache runs on. For most of this book, your operating system is irrelevant. The advice I give applies no matter whether you are running some Unix flavor, Windows, or some other operating system. However, in most cases I will assume you are running Apache on a Unix platform. Though Apache runs well on Windows, Unix platforms offer another layer of configuration options and security features that make them a better choice for security-conscious deployments. Where examples related to the operating system are given, they are typically shown for Linux. But such examples are in general very easy to translate to other Unix platforms and, if you are running a different Unix platform, I trust you will have no problems with translation.

Contents of This Book

While doing research for the book, I discovered there are two types of people: those who read books from cover to cover and those who only read those parts that are of immediate interest. The book's structure (12 chapters and 1 appendix) aims to satisfy both camps. When read sequentially, the book examines how a secure system is built from the ground up, adding layer upon layer of security. However, since every chapter was written to cover a single topic in its entirety, you can read a few selected chapters and leave the rest for later. Make sure to read the first chapter, though, as it establishes the foundation for everything else.

, presents essential security principles, security terms, and a view of security as a continuous process. It goes on to discuss threat modeling, a technique used to analyze potential threats and establish defenses. The chapter ends with a discussion of three ways of looking at a web system (the user view, the network view, and the Apache view), each designed to emphasize a different security aspect. This chapter is dedicated to the strategy of deploying a system that is created to be secure and that is kept secure throughout its lifetime.

, gives comprehensive and detailed coverage of the Apache installation and configuration process, where the main goal is not to get up and running as quickly as possible but to create a secure installation on the first try. Various hardening techniques are presented along with discussions of the advantages and disadvantages of each.

. It begins with a discussion of and installation guidance for common PHP deployment models (as an Apache module or as a CGI), continues with descriptions of security-relevant configuration options (such as the safe mode), and concludes with advanced hardening techniques.

, discusses cryptography on a level sufficient for the reader to make informed decisions about it. The chapter first establishes the reasons cryptography is needed, then introduces SSL and discusses its strengths and weaknesses. Practical applications of SSL for Apache are covered through descriptions and examples of the use of

Next page
1234567...115
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Apache Security»

Look at similar books to Apache Security. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Ed Macy - Apache
Apache
Ed Macy
Apache
Andrew Ford - Apache 2 Pocket Reference: For Apache Programmers & Administrators
Apache 2 Pocket Reference: For Apache Programmers & Administrators
Andrew Ford
Apache 2 Pocket Reference: For Apache Programmers & Administrators
No cover
No cover
Ristic
Apache Security
Lewis - Apache Dawn
Apache Dawn
Lewis
Apache Dawn
Laurie Ben - Apache: the definitive guide
Apache: the definitive guide
Laurie Ben
Apache: the definitive guide
No cover
No cover
Peicevic Antun.
Apache HTTP Server introduction
No cover
No cover
Deepak Vohra
Apache HBase Primer
Scott Cranton and Jakub Korab - Apache Camel Developer's Cookbook
Apache Camel Developer's Cookbook
Scott Cranton and Jakub Korab
Apache Camel Developer's Cookbook
Guðmundur Jón Halldórsson - Apache Accumulo for Developers
Apache Accumulo for Developers
Guðmundur Jón Halldórsson
Apache Accumulo for Developers
No cover
No cover
Rich Bowen
Apache Cookbook: Solutions and Examples for Apache Administrators
Ashok Appu - Administering and Securing the Apache Server
Administering and Securing the Apache Server
Ashok Appu
Administering and Securing the Apache Server
Rafal Ku - Apache Solr 3.1 Cookbook
Apache Solr 3.1 Cookbook
Rafal Ku
Apache Solr 3.1 Cookbook
Reviews about «Apache Security»

Discussion, reviews of the book Apache Security and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.