1. Home
  2. Linux systems
  3. Secure Linux-based Servers

Section 8.1. Web Server Security

Bad things happen to good servers. What can happen? Where should you look? The Web has the same problems as the other important Internet services discussed in this book, differing mainly in the details.

8.1.1 Problems and Goals

Malice or mistake, whether local or remote, can foil the security goals mentioned in the first chapter. Table 8-1 lists some security problems you may encounter, as well as the desired goals.

Table 8-1. Web-security problems and goals

Sample problems

Security goals

Theft of service

Warez or pornography uploads

Pirate servers and applications

Password sniffing

Rootkit and trojan program installation

Denial of service targeting or participation

System integrity

Vandalism, data tampering, or site defacement

Inadvertent file deletion or modification

Data integrity

Theft of personal information

Leakage of personal data into URLs and logs

Data confidentiality

Unauthorized use of resources

Denial of service attacks

Crash or freeze from resource exhaustion (e.g., memory, disk, process space, file descriptors, or database connections)

System and network availability

8.1.2 What, When, and Where to Secure

Vulnerabilities exist everywhere, but some are more frequently targeted:

Code

Buffer overflows, string-format hacks, race conditions, logic errors, memory leaks

Files

Ownership, permissions, symbolic links, setuid/setgid

Authentication and authorization

Coverage gaps, data leaks, spoofing

Network

Promiscuous mode, denial of service; connectivity

System

User accounts, passwords

I'll describe web-server security more or less in chronological order, pointing out the problems and best practices as we go:

Build time

Obtaining and installing Apache

Setup time

Configuring Apache

Runtime

Securing CGI scripts, with PHP and Perl examples

Special topics

Issues spanning the operating system, web server, and CGI scripts: authentication, authorization, sessions, SSL, and others

8.1.3 Some Principles

Many times, I'll invoke one or more of these security mantras:

Simplify

Configure with least privilege. Avoid using root and restrict file ownership and permissions. Provide the bare minimum to serve files, run CGI scripts, and write logs.

Reduce

Minimize surface area; a smaller target is harder to hit. Disable or remove unneeded accounts, functions, modules, and programs. Things that stick out can break off.

Strengthen

Never trust user input. Secure access to external files and programs.

Diversify

Use layers of protection. Don't rely on security by the obscurity of a single mechanism, such as a password.

Document

Write down what you've done because you won't remember it. Trust us on this one.



    		Building Secure Servers with Linux
    		Preface
    		Chapter 1. Threat Modeling and Risk Management
    		Chapter 2. Designing Perimeter Networks
    		Chapter 3. Hardening Linux
    		Chapter 4. Secure Remote Administration
    		Chapter 5. Tunneling
    		Chapter 6. Securing Domain Name Services (DNS)
    		Chapter 7. Securing Internet Email
    		Chapter 8. Securing Web Services
    		Section 8.1. Web Server Security
    		Section 8.2. Build Time: Installing Apache
    		Section 8.3. Setup Time: Configuring Apache
    		Section 8.4. Runtime: Securing CGI Scripts
    		Section 8.5. Special Topics
    		Section 8.6. Other Servers and Web Security
    		Chapter 9. Securing File Services
    		Chapter 10. System Log Management and Monitoring
    		Chapter 11. Simple Intrusion Detection Techniques
    		Appendix A. Two Complete Iptables Startup Scripts
    		Colophon