Apache Security - Ivan Ristic [216]
reviewing permissions for, Reviewing file permissions
security disclosure, File Disclosure, Path Traversal, Application Download Flaws, Source Code Disclosure, Predictable File Locations
download script flaws, Application Download Flaws
path traversal, Path Traversal
predictable locations, Predictable File Locations
source code disclosure, Source Code Disclosure
Tripwire integrity checker, File Integrity
upload logging, File Upload Interception
virtual filesystems, permissions, Virtual filesystems for users
FilesMatch directive, Preventing Information Leaks
file_uploads directive, Controlling File Uploads
firewalls, Securing Network Access, Firewall Usage, Intrusion detection and HTTP, Evolution of Web Intrusion Detection, Using mod_security, Introduction, Installation and basic configuration, Processing order, Anti-evasion features, Encoding validation features, Rules, Actions, Logging, More Configuration Advice, Deployment Guidelines, Reasonable configuration starting point, Complex configuration scenarios, Byte-range restriction, File upload interception and validation, Restricting mod_security to process dynamic requests only, Request body monitoring, Response body monitoring, Deploying positive security model protection
basic rules for, Securing Network Access
configuration mistake, recovering from, Securing Network Access
deep-inspection, Evolution of Web Intrusion Detection
deployment guidelines, Deployment Guidelines, Reasonable configuration starting point
configuration starting point, reasonable, Reasonable configuration starting point
steps, Deployment Guidelines
host-based, Securing Network Access
Linux Netfilter, configuring with, Securing Network Access
hosts, each having, Securing Network Access
HTTP, appliances for, Intrusion detection and HTTP
mod_security, Using mod_security, Introduction, Installation and basic configuration, Processing order, Anti-evasion features, Encoding validation features, Rules, Actions, Logging, More Configuration Advice, Complex configuration scenarios, Byte-range restriction, File upload interception and validation, Restricting mod_security to process dynamic requests only, Request body monitoring, Response body monitoring, Deploying positive security model protection
actions, Actions
anti-evasion features, Anti-evasion features
basic configuration, Introduction
byte-range restriction, Byte-range restriction
complex configuration scenarios, Complex configuration scenarios
configuration advice, More Configuration Advice
dynamic requests, restriction to, Restricting mod_security to process dynamic requests only
encoding-validation features, Encoding validation features
file upload interception and validation, File upload interception and validation
installation, Installation and basic configuration
logging, Logging
positive security model, deploying, Deploying positive security model protection
request body monitoring, Request body monitoring
request processing order, Processing order
response body monitoring, Response body monitoring
rule engine flexibility, Rules
scope, Using mod_security
WAFs, Evolution of Web Intrusion Detection
forensic logging, Logging as Much as Possible, Using HTTP status codes, Integration with PHP, Recommended log format, Alternative integration method
alternative integration method, Alternative integration method
format, recommended, Recommended log format
HTTP status codes, Using HTTP status codes
PHP integration, Using HTTP status codes, Integration with PHP
form fields, logic flaws, Cookies and Hidden Fields
form-based authentication, Form-Based Authentication
functional reviews, Functional Review, Basic application review, Application infrastructure review, Hot spot review
applications, Basic application