Apache Security - Ivan Ristic [224]
file_uploads directive, Controlling File Uploads
functions and classes, disabling, Disabling Functions and Classes
limits, setting, Setting Limits
logging options, Setting Logging Options
modules, dynamically loading, Dynamic module loading
open_basedir directive, Restricting Filesystem Access
options, disabling, Disabling Undesirable Options
register_globals problem, register_globals and allow_url_fopen
safe mode restrictions, Setting Safe Mode Options
session security, Increasing Session Security
doc_root directive, Restricting Filesystem Access
environmental variable restrictions, Environment variable restrictions
error logging, turning on, Setting Logging Options
external process restrictions, External process execution restrictions
file access restrictions, File access restrictions
forensic logging integration, Using HTTP status codes, Integration with PHP
Hardened-PHP project, Hardened-PHP
hardening, advanced, Advanced PHP Hardening, PHP 5 SAPI Input Hooks
SAPI Input Hooks, PHP 5 SAPI Input Hooks
information about, disabling, Display of information about PHP
installation, Installation, Using PHP as a Module, Using PHP as a CGI
CGI script approach, Using PHP as a CGI
configuration file location error, Using PHP as a Module
modules, Using PHP as a Module
interpreter security issues, Using PHP as a CGI
jail, working in, Preparing PHP to work in jail
module, making secure, Running PHP as a Module
posix module, disabling, Choosing Modules
SAPI input hooks, PHP 5 SAPI Input Hooks
Security Consortium, PHP
security resources, PHP
source download, Installation
PKI (public-key infrastructure), Public-Key Infrastructure
plaintext, Cryptography
port connection for SSL, OpenSSL
port scanning, Deploying Minimal Services, Port scanning
netstat port-listing tool, Deploying Minimal Services
positive security model, Negative versus positive security models
posix module, Choosing Modules
POST method logic flaws, POST Method
private-key (symmetric) encryption, Symmetric Encryption, How It All Falls into Place
process state management logic flaws, Process State Management
protocol analyzer SSLDump, SSLDump
proxies, Proxy Access Control, Reverse proxies, Using a Reverse Proxy
access control, Proxy Access Control, Reverse proxies
reverse proxies do not require, Reverse proxies
reverse, Using a Reverse Proxy (see reverse proxies)
ptrace, process hijacking with, Dynamic-Content Problems
public-key (asymmetric) encryption, Asymmetric Encryption, Public-Key Infrastructure, Digital certificates, Certificate authorities, Web of trust, How It All Falls into Place, OpenSSL Benchmark Script
(see also public-key cryptography)
certificate authorities, Certificate authorities
digital certificates, Digital certificates
DSA, Asymmetric Encryption
Elliptic curve, Asymmetric Encryption
infrastructure, Public-Key Infrastructure
RSA, Asymmetric Encryption
web of trust, Web of trust
public-key cryptography, SSL Communication Summary, Nontechnical issues
(see also public-key encryption)
public-key infrastructure (PKI), Public-Key Infrastructure
R
RefererIgnore directive (deprecated), Request Logging
RefererLog directive (deprecated), Request Logging
referrer check logic flaws, Referrer Check Flaws
response security phase, Security Definitions
reverse proxies, Reverse proxies, Using a Reverse Proxy, Apache Reverse Proxy, Reverse Proxy by Network Design, Reverse Proxy by Redirecting Network Traffic, Reverse Proxy Patterns, Front door, Integration reverse proxy, Protection reverse proxy, Performance reverse proxy
access control not required, Reverse proxies
advantages, Using a Reverse Proxy
Apache, Apache Reverse Proxy
central access policies, for, Front door
designed into network, Reverse Proxy by Network Design
network traffic redirect, Reverse