Secure Dynamic Content with Apache

KingARP writes "This article details how to secure dynamic content on an Apache Web server. Topics covered include general security issues pertaining to dynamic content, securing Server Side Includes, configuring Apache's Common Gateway Interface, and wrapping dynamic content. The article is targeted primarily at Webmasters and system administrators responsible for maintaining and securing a Web server; however, anyone with a need or desire to server dynamic content will benefit from the topics covered."

More Papers on web security

[Anonymous Coward]

www.cgisecurity.com/lib [cgisecurity.com]

So So Tutorial

[EkiM in De]

I am a bit of a fan of the IBM tutorials and I usually spend a couple of hours each month reading through one or two. I have found that the ones I have read are not too hot on detail but I believe they are designed to be digested in an hour or so. So naturally they give a good introduction to a topic, but also provide a nice stepping stone to more complex material.

Tutorial for 1.3.26 not 2.x architecture

[tyrione]

Would the author of this /. article please modify the summary to make note it is for Apache 1.3.26 alone.

It just makes good sense to make that destinction so people can pass or inquire about the article more, knowing what targeted release it was based upon, upfront.

Not particularly deep

[Gerry Gleason]

The is very little in this article that isn't in the class of, "If you don't know this already, you probably shouldn't be running any dynamic content". I thought it would at least go into stuff about securing pages that allow updating of content or configuration from web pages, but I didn't see any of this. Stuff like SSL, authentication and certificates.