
Websitehacking

It is one of the chapters from cyber security.

What is a Web Server

A web server is a program that hosts websites; the term covers both hardware and
software. It delivers files and other content of the website over Hypertext Transfer
Protocol (HTTP). As use of the internet and intranets has grown, web services have
become an important part of the web. It is used for delivering files, email
communication, and other purposes. Web servers support different types of
application extensions, whereas all of them support HTML for basic content delivery.
Web servers are often differentiated by their security models, operating systems and
other factors.
Open Source Web Server Architecture
Open source web server architecture is the web server model in which an
open source web server is hosted on either an internet server or a third-party host
over the web.
How Web Applications Work
Web Application Architecture
Why Web Servers are Compromised
• Improper file and directory permissions
• Installing the server with default settings
• Unnecessary services are enabled, including content management and remote administration
• Security conflicts with business ease-of-use case
• Lack of proper security policy, procedures & maintenance
• Improper authentication with external systems
• Default accounts with their default passwords or no passwords
• Misconfigurations in web server, operating systems & networks
• Bugs in server software, OS & web applications
• Misconfigured SSL certificates and encryption settings
• Use of self-signed certificates and default certificates
Web Application Threats
The threats to web applications are:
• Cookie Poisoning
• Insecure Storage
• Information Leakage
• Directory Traversal
• Parameter/Form Tampering
• DoS Attack
• Buffer Overflow
• Log Tampering
• SQL Injection
• Cross-Site Scripting (XSS)
• Cross-Site Request Forgery
• Security Misconfiguration
• Broken Session Management
• Session Hijacking
• Network Access Attacks
Countermeasures for Web Applications
• Check each parameter against a whitelist that specifies exactly what input is allowed
• Do server-side validation
• Require re-authentication for critical functions
• Simply avoid using redirects and forwards
• Use HTML / URL encoding
• Filter input for any special characters
• Use tools like XSS Me for Firefox or XSS Rays for Chrome to check your website for any XSS vulnerability
• Minimize the user's ability to predict object IDs/names
• Apply the newest security patches (OS, DBMS, web server and code libraries)
• Set up roles, permissions, and accounts, including disabling all default accounts or changing their passwords
• Use strong encryption algorithms for encryption
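
Three of the countermeasures listed above (a per-parameter whitelist, server-side validation, and HTML/URL encoding), shown as an added Python example that is not part of the original document. The parameter names, patterns and function names are hypothetical, and the sample inputs are constructed.

```python
import html
import re
from urllib.parse import quote

# Hypothetical whitelist: one rule per parameter the application expects.
# Any parameter that is not listed here is rejected outright.
ALLOWED_PARAMS = {
    "username": re.compile(r"[A-Za-z0-9_]{3,20}"),
    "page": re.compile(r"[0-9]{1,4}"),
    "sort": re.compile(r"(?:name|date|price)"),
}


def validate_params(params):
    """Server-side check: return (clean, errors) for a dict of request parameters.

    This runs regardless of any validation done in the browser, because
    client-side checks can be bypassed by tampering with the request.
    """
    clean, errors = {}, []
    for name, value in params.items():
        rule = ALLOWED_PARAMS.get(name)
        if rule is None:
            errors.append("unexpected parameter: " + name)
        elif not isinstance(value, str) or not rule.fullmatch(value):
            # fullmatch requires the whole value to fit the pattern, so
            # special characters outside the whitelist cause rejection.
            errors.append("invalid value for: " + name)
        else:
            clean[name] = value
    return clean, errors


def render_greeting(display_name):
    """HTML-encode data on output so markup in it is shown as text, not executed."""
    return "<p>Hello, " + html.escape(display_name, quote=True) + "</p>"


def build_profile_link(username):
    """URL-encode a value before placing it in a query string."""
    return "/profile?user=" + quote(username, safe="")


if __name__ == "__main__":
    # Constructed requests: one well-formed, one tampered.
    print(validate_params({"username": "alice_01", "page": "2", "sort": "date"}))
    print(validate_params({"username": "al", "page": "../../etc/passwd", "debug": "1"}))
    print(render_greeting('<b>"Bob"</b>'))
    print(build_profile_link("a b&c"))
```

A handler would reject the request whenever `errors` is non-empty rather than trying to repair the input.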
