Synopsis
Security is a prime concern over the Internet. The rise of e-commerce has increased the demand for additional security requirements. This book presents detailed information on security aspects related to Apache, as well as practical ways to make the Apache web server more secure. The book provides an in-depth discussion on how to secure Apache. It provides comprehensive information on planning and implementing security at protocol, application and system levels. Additionally, the book provides an overview of strategic defence against would-be crackers. This book is for Apache administrators, security analysts, web developers and system architects. Topics covered include: an overview of security and types of attacks; an overview of the Apache installation and configuration process; a dissection of how Apache handles HTTP and URLs and the effects on system security; planning and implementing security; security at protocol, application and system level; comparison of various options for implementing SSL; implementation and use of SSL to enable security at the transport layer; various popular authentication techniques available; LDAP concepts, principles and use with Apache; using various techniques like JAIL, logging, and session tracking; and a complete case study to establish a secure web site for e-commerce.
About the Author
Tony Mobily is a technical writer and technical editor who manages the Italian computer magazine "Login", and works daily with many Internet technologies. He is a senior system administrator and a security expert, and has lots of fun playing with buffer overflows, DoS attacks, and firewalls.
Paul Weinstein devotes his energies to developing and integrating web-based systems. He has become knowledgeable in the detailed workings of many tools of the trade, including Apache, Perl, PHP, SSL, MySQL, and Linux. Currently, he works as Chief Consultant for Waubonsie Consulting, spending a good amount of his time communicating his past experience in technical articles and presentations to others.
Mark Wilcox is the senior integration specialist with WebCT, Inc., the leading provider of higher education e-learning solutions. His areas of expertise include LDAP, authentication, security, and application integration.
Brian P. Rickabaugh is a senior systems architect for a global conglomerate in the financial, manufacturing and media industries. He is also president of StrayCat Incorporated, a small business focused primarily on software consulting services. He has been developing web-centric object-oriented software in C/C++ and Java for six years. He is also a huge proponent of open source software and the positive impact it can have on small, medium and large organizations. His current focus is on XML and implementing Web Services technologies for internal and external systems integration.
Debashish Bhattacharjee is a principal consultant with IBM Global Services. His areas of expertise are systems integration and project management. He has served as chief architect and led technical teams tasked with the implementation of e-commerce applications, portal implementations, web infrastructure, ERP, and client-server applications.
Sandip Bhattacharya is an open source enthusiast and an active participant in various open source communities in India, especially his local LUG at Delhi (ILUGD). He has been professionally involved in open source based technologies for the past three years. He is currently a freelance programmer and consults with businesses on ways to use the open source revolution to their advantage.
Kapil Sharma is an Internet security and Unix consultant. He enjoys working on firewalls, load balancers, VPN, clustering, cryptography, white hat hacking, and various Unix flavours. He is actively involved in the open source community and has contributed many technical articles on system and network security.