Web server defense drafted

"Guidelines on Securing Public Web Servers"

Related Links

Tackling one of the prime targets on a network for cyberattacks, the National Institute of Standards and Technology released a draft of its new guidance on securing public Web servers March 1.

The draft special publication is intended for technical personnel, as it contains detailed guidance and checklists on how to configure the Web server itself, as well as the underlying operating system and security products, such as firewalls and intrusion detection systems.

The guide also covers security administration procedures for Web servers, including logging, backup, recovery, testing and remote administration.

In the appendices, the guide outlines the steps to secure the two most commonly used Web servers, the open-source Apache server and Microsoft Corp.'s Internet Information Server.

Comments on the draft are due to Wayne Jansen ([email protected]) by March 28.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected