CertiGuide to Network+  9  Chapter 1000:  Security in the Real World

Application Proxies 1 XII  Chapter 1000:  Summary

Web server security is becoming more and more important, as more and more commerce is being conducted over the web. Today, most web servers are protected by firewalls (as described above), and many are also situated behind proxy servers that offer an additional layer of protection. Despite these safety efforts, web servers are still vulnerable due to bugs in the servers’ software.

No web server is immune from so-called “exploits” which take advantage of programming errors in the servers. As a responsible network administrator, you should keep up to date on the availability of security patches for your particular web server software, be it IIS, Apache, or some other product. (And more than keeping up to date on patch availability, you should keep up to date on patch APPLICATION).

As noted previously, traffic between the web server and the end user is a concern as well, because the data is being transmitted between the end-user and the web site is often sensitive (including personal details, credit card numbers, etc.). When designing web pages, take care to see that pages, which reference these types of sensitive information, use the SSL protocol mentioned in our discussion of encryption.

Application Proxies 1 XII  Chapter 1000:  Summary