Web servers are often the most targeted and attacked hosts on network. As a result, it is essential to secure Web servers and the network infrastructure that supports them. In order to design, implement, and operate publicly accessible Web servers, including related network infrastructure issues you need to use some recommended security practices. You may already have them in your organization if not, then you could take a look on recommendations of the National Institute of Standards and Technology U.S. Department of Commerce for securing public web servers. The purpose of these guidelines is to recommend security practices used by organizations interested in enhancing security on existing and future Web server systems to reduce the number and frequency of Web-related security incidents.
Guideline will give you insight on topics like:
• Planning and Managing Web Servers;
• Securing the Web Server Operating System;
• Securing the Web Server;
• Securing Web Content;
• Using Authentication and Encryption Technologies;
• Implementing a Secure Network Infrastructure;
• Administering the Web Server.
More publications related to IT security can be found here: