Team LiB
Apache Security
By Ivan Ristic
 
Publisher: O'Reilly
Pub Date: March 2005
ISBN: 0-596-00724-8
Pages: 420
   


   Dedication
   Copyright
   Preface
      Audience
      Scope
      Contents of This Book
      Online Companion
      Conventions Used in This Book
      Using Code Examples
      We'd Like to Hear from You
      Safari Enabled
      Acknowledgments
   Chapter 1. Apache Security Principles
      Section 1.1. Security Definitions
      Section 1.2. Web Application Architecture Blueprints
   Chapter 2. Installation and Configuration
      Section 2.1. Installation
      Section 2.2. Configuration and Hardening
      Section 2.3. Changing Web Server Identity
      Section 2.4. Putting Apache in Jail
   Chapter 3. PHP
      Section 3.1. Installation
      Section 3.2. Configuration
      Section 3.3. Advanced PHP Hardening
   Chapter 4. SSL and TLS
      Section 4.1. Cryptography
      Section 4.2. SSL
      Section 4.3. OpenSSL
      Section 4.4. Apache and SSL
      Section 4.5. Setting Up a Certificate Authority
      Section 4.6. Performance Considerations
   Chapter 5. Denial of Service Attacks
      Section 5.1. Network Attacks
      Section 5.2. Self-Inflicted Attacks
      Section 5.3. Traffic Spikes
      Section 5.4. Attacks on Apache
      Section 5.5. Local Attacks
      Section 5.6. Traffic-Shaping Modules
      Section 5.7. DoS Defense Strategy
   Chapter 6. Sharing Servers
      Section 6.1. Sharing Problems
      Section 6.2. Distributing Configuration Data
      Section 6.3. Securing Dynamic Requests
      Section 6.4. Working with Large Numbers of Users
   Chapter 7. Access Control
      Section 7.1. Overview
      Section 7.2. Authentication Methods
      Section 7.3. Access Control in Apache
      Section 7.4. Single Sign-on
   Chapter 8. Logging and Monitoring
      Section 8.1. Apache Logging Facilities
      Section 8.2. Log Manipulation
      Section 8.3. Remote Logging
      Section 8.4. Logging Strategies
      Section 8.5. Log Analysis
      Section 8.6. Monitoring
   Chapter 9. Infrastructure
      Section 9.1. Application Isolation Strategies
      Section 9.2. Host Security
      Section 9.3. Network Security
      Section 9.4. Using a Reverse Proxy
      Section 9.5. Network Design
   Chapter 10. Web Application Security
      Section 10.1. Session Management Attacks
      Section 10.2. Attacks on Clients
      Section 10.3. Application Logic Flaws
      Section 10.4. Information Disclosure
      Section 10.5. File Disclosure
      Section 10.6. Injection Flaws
      Section 10.7. Buffer Overflows
      Section 10.8. Evasion Techniques
      Section 10.9. Web Application Security Resources
   Chapter 11. Web Security Assessment
      Section 11.1. Black-Box Testing
      Section 11.2. White-Box Testing
      Section 11.3. Gray-Box Testing
   Chapter 12. Web Intrusion Detection
      Section 12.1. Evolution of Web Intrusion Detection
      Section 12.2. Using mod_security
   Appendix A. Tools
      Section A.1. Learning Environments
      Section A.2. Information-Gathering Tools
      Section A.3. Network-Level Tools
      Section A.4. Web Security Scanners
      Section A.5. Web Application Security Tools
      Section A.6. HTTP Programming Libraries
   Colophon
   Index
