© KrishnaKumar Sivaraman, 123RF.com
Protecting web servers with ModSecurity
Apache Protector
Security issues on the web are no longer typically a result of poor configuration or the lack of up-to-date server software. Tomcat, Apache, and even IIS have become extremely mature over the past few years – so much so that they don't have any noticeable vulnerabilities, although exceptions can always turn up to prove the rule. Thus, hackers have turned their attention to the web applications and scripts running on the servers.
Increasingly complex user requirements are making web applications more complex, too: Ajax, interaction with external databases, back-end interfaces, and directory services are just part of the package for a modern application. Attack vectors grow to match this development (see the "Attacks on Web Servers" box).
Attacks on Web Servers
Compared with local applications, web applications are more vulnerable because they involve so many different components – from the browser and the Internet infrastructure to the web server and the back ends beyond. Vulnerabilities can occur anywhere, but the server is always at the center of this environment.
If the web application doesn't sufficiently validate user input and instead passes it to a database running in the background, attackers could use SQL injection to inject their own commands into the command chain. Thus, the attacker would be able to read, modify, or delete data and thereby exert a major influence on the application.
If an application also allows attackers to store files on the web server and execute them over the web, the intruder could set up a web shell. Because the server will execute the attacker's files, the attacker can run operating system commands on the web server and finally escalate their privileges to interactive shell access. Although the architecture of a carefully configured Apache will not give the

