Apache Security
|
Index[SYMBOL] [A] [B] [C] [D] [E] [F] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X] CA (certificate authority) certificate signed by setting up CA keys, generating distribution, preparing for issuing client certificates issuing server certificates process revoking certificates using client certificates certificate authority [See CA] certificate-signing request (CSR) certificates chain of client CSR, generating request for server signing your own CGI PHP used as script limits, setting scripts, enabling sendmail replacement for jail chroot (jail) basic user authentication facilities CGI scripts chroot(2) patch database problems finishing touches internal and external jailing processes mod_chroot, mod_security Apache 1 Apache 2 Perl working in PHP working in tools user, group, and name resolution files CIA security triad cipher ciphertext Clam Antivirus tool cleartext CLF (Common Log Format) 2nd client-side validation logic flaw clusters fault-tolerant with Wackamole management node node failure reverse proxy code execution security flaw command execution security flawCommon Log Format [See CLF] compartmentalization, security principle confidentiality security goal configuration data, distributingconfiguration of Apache [See Apache, configuration and hardening] configuration review applications file permissions file storage area files initial notes web server connection timeout CookieLog directive (deprecated) cookies logic flaws namespace collisions session management attacks sessions, implementing with transport mechanism types of cross-site scripting (XSS) attacks [See XSS attacks] cryptography encryption asymmetric (public-key) 2nd 3rd one-way 2nd symmetric (private-key) 2nd goals how it works legal issues CSR (certificate-signing request) Curl network-level tool CustomLog directive 2nd Cygwin Windows command-line tool |
|