Webserver

Aug 172010
 

Vulnerabilities in web applications are now the largest vector of enterprise security attacks.

Stories about exploits that compromise sensitive data frequently mention culprits such as "cross-site scripting," "SQL injection," and "buffer overflow." Vulnerabilities like these fall often outside the traditional expertise of network security managers.

To help you understand how to minimize these risks, Qualys provides this guide as a primer to web application security. The guide covers:

* typical web application vulnerabilities
* comparison of options for web application vulnerability detection
* QualysGuard Web Application Scanning solution

 Posted by at 1:41 pm
May 122009
 

If you want to protect your apache webserver against DOS,DDOS or brute force attacks use mod_evasive module.mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.
Continue reading »

 Posted by at 2:33 pm
Feb 232009
 

Nginx (pronounced "engine x") is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Written by Igor Sysoev in 2005, Nginx now hosts between 1% and 4% of all domains worldwide .Nginx is known for its stability, rich feature set, simple configuration, and low resource consumption.
Continue reading »

 Posted by at 12:05 am