Web server defense drafted

"Guidelines on Securing Public Web Servers"

Related Links

Tackling one of the prime targets on a network for cyberattacks, the National Institute of Standards and Technology released a draft of its new guidance on securing public Web servers March 1.

The draft special publication is intended for technical personnel, as it contains detailed guidance and checklists on how to configure the Web server itself, as well as the underlying operating system and security products, such as firewalls and intrusion detection systems.

The guide also covers security administration procedures for Web servers, including logging, backup, recovery, testing and remote administration.

In the appendices, the guide outlines the steps to secure the two most commonly used Web servers, the open-source Apache server and Microsoft Corp.'s Internet Information Server.

Comments on the draft are due to Wayne Jansen ([email protected]) by March 28.

Featured

  • Cybersecurity
    Boy looks under voting booth at Ventura Polling Station for California primary Ventura County, California. Joseph Sohm / Shutterstock.com

    FBI breach notice rules lauded by states, but some want more

    A recent policy change by the FBI would notify states when their local election systems are hacked, but some state officials and lawmakers want the feds to inform a broader range of stakeholders in the election ecosystem.

  • paths (cybrain/Shutterstock.com)

    Does strategic planning help organizations?

    Steve Kelman notes growing support for strategic planning efforts -- and the steps agencies take to keep those plans relevant.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.