This bulletin summarizes the contents of NIST Special Publication 800-44, Version 2, Guidelines on Securing Public Web Servers. The publication details the steps that organizations should take to plan, install, and maintain secure Web server software and their underlying operating systems. The bulletin covers the security risks to public Web servers and NIST recommendations to organizations about: how to secure, install, and configure the operating system that supports the Web server; how to secure, install, and configure Web server software; how to deploy appropriate network protection mechanisms, such as firewalls, routers, switches, and intrusion detection and intrusion prevention systems; the steps for maintaining the secure configuration of the operating system and server software through the application of appropriate patches and upgrades; the requirements for security testing; the methods for monitoring logs, and for managing backups of data and operating system files; and how to use, publicize and protect information and data on Web servers in a careful and systematic manner.
This bulletin summarizes the contents of NIST Special Publication 800-44, Version 2, Guidelines on Securing Public Web Servers. The publication details the steps that organizations should take to plan, install, and maintain secure Web server software and their underlying operating systems. The...
See full abstract
This bulletin summarizes the contents of NIST Special Publication 800-44, Version 2, Guidelines on Securing Public Web Servers. The publication details the steps that organizations should take to plan, install, and maintain secure Web server software and their underlying operating systems. The bulletin covers the security risks to public Web servers and NIST recommendations to organizations about: how to secure, install, and configure the operating system that supports the Web server; how to secure, install, and configure Web server software; how to deploy appropriate network protection mechanisms, such as firewalls, routers, switches, and intrusion detection and intrusion prevention systems; the steps for maintaining the secure configuration of the operating system and server software through the application of appropriate patches and upgrades; the requirements for security testing; the methods for monitoring logs, and for managing backups of data and operating system files; and how to use, publicize and protect information and data on Web servers in a careful and systematic manner.
Hide full abstract
Keywords
Internet; network security; operating systems; public Web servers; security management; system security; vulnerabilities; Web browsers; Web servers
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
