The National Institute of Standards and Technology (NIST) has released a new publication that provides detailed tips on how to make web servers more resistant to potential attacks. Called ‘Guidelines on Securing Public Web Servers,’ the publication covers some of the latest threats to web security, while reflecting general changes in web technology that have taken place since the first version of the guide was published five years ago.

The guide advocates ‘defense in depth’—installing safeguards at various points of entry into the server, from the router that handles all incoming data traffic to the specific machines that house the server software. In addition, the guide recommends that organizations should monitor log files, create procedures for recovering from attacks, and regularly test the security of their systems.

The guide is designed for federal departments and agencies, but may be applicable to any web server to which the outside world has access. The guide is available free of charge here (PDF).

•Date: 12th October 2007• Region:US/ World •Type: Article •Topic: ISM
Rate this article or make a comment - click here