(2) Buffer overflow security flaw
This kind of attack exploits defects in the program's code to make it deviate from its normal flow. When a program stores request data in a statically allocated buffer, an attacker can send an over-long request that overflows it; a Perl-written gateway (CGI) script that handles user requests is a typical example. Once the buffer overflows, the attacker may be able to execute malicious instructions or crash the system.
(3) Security flaw allowing an attacker to obtain root permission
The main cause of this flaw is that the Apache server's parent process is typically run as root; an attacker who compromises that process obtains root privileges and thereby controls the entire Apache system.
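The usual defence against this flaw is to let only the parent process keep root and to run the child processes that actually serve requests as an unprivileged account. The following is an added example, not code from the article or from the Apache project: a small Python audit that reads httpd.conf text and flags the User and Group directives when they are missing or set to root. The two configuration snippets are constructed for the example, and the account names nobody and nogroup are assumptions that depend on the system.

```python
import re

# Constructed sample configurations for the example (not a real server's files).
WEAK_CONF = """\
ServerRoot "/usr/local/apache"
User root
Group root
Listen 80
"""

HARDENED_CONF = """\
ServerRoot "/usr/local/apache"
# Children serve requests as an unprivileged account (names are assumptions).
User nobody
Group nogroup
Listen 80
"""

# Matches a User or Group directive at the start of a line; commented-out
# lines (starting with '#') do not match.
DIRECTIVE_RE = re.compile(r"^\s*(User|Group)\s+(\S+)\s*$", re.IGNORECASE | re.MULTILINE)


def process_identity(conf_text):
    """Return {'User': value, 'Group': value}; a missing directive maps to None."""
    found = {"User": None, "Group": None}
    for match in DIRECTIVE_RE.finditer(conf_text):
        name = match.group(1).capitalize()
        found[name] = match.group(2).strip('"')
    return found


def audit_process_identity(conf_text):
    """Return a list of findings; an empty list means the child identity looks sane."""
    identity = process_identity(conf_text)
    findings = []
    for name in ("User", "Group"):
        value = identity[name]
        if value is None:
            findings.append(f"{name} directive not set; verify the compiled-in default")
        elif value.lower() in ("root", "#0"):
            findings.append(f"{name} {value}: child processes would run with root privileges")
    return findings


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label, audit_process_identity(conf) or "no findings")
```

Run it against the real configuration by reading the file contents into `audit_process_identity`; the weak snippet produces two findings and the hardened one produces none.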
(4) Denial of service (DoS) security flaw
This latest vulnerability, discovered on June 17, lies mainly in Apache's handling of chunked encoding, an HTTP-protocol feature used to accept data submitted by web users. A hacker program exploiting it can effectively attack Apache servers running on the FreeBSD 4.5, OpenBSD 3.0/3.1 and NetBSD 1.5.2 platforms.
All of this shows that using the latest, most secure version is critical to the security of the Apache web server. Apache server administrators are urged to download patches from http://www.apache.org/dist/httpd/ to ensure the security of their web servers!
Third, maintain and configure the Apache server correctly
Although the Apache developers pay close attention to security, Apache is a huge project and security risks are inevitable. It is therefore important to maintain and configure the Apache web server correctly. Some of the issues to be aware of:
(1) Apache Server configuration file
The Apache web server has three main configuration files, located in the /usr/local/apache/conf directory. These three files are:
httpd.conf -----> main configuration file
srm.conf ------> resource configuration file
access.conf ---> access permissions for files
Note: for the specific configuration directives, refer to: http://httpd.apache.org/docs/mod/core.html
(2) Apache server log files
We can use the LogFormat directive to control what information is written to the log file. The IP address and host name of the browser making the HTTP request can be logged with the LogFormat "%a %l" directive. For security reasons we should at least be able to see in the log which web users failed authentication; adding the LogFormat "%401u" directive to httpd.conf achieves this. This directive has many other parameters, which the user can look up in the Apache documentation. In addition, Apache's error log is also important for system administrators: it records information such as server startup and shutdown and CGI execution failures. For more, see the Apache Log series, parts 1-5.
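To show what those entries look like once written, here is an added example that is not part of the article: a Python script that parses constructed access-log lines in the common log format, assuming the user field is written with %401u so that a user name appears only on requests refused with status 401. It counts failed authentications per client address, collects the attempted user names, and reports addresses that reach a threshold, which is the kind of check an administrator would run over the real log.

```python
import re
from collections import Counter

# Constructed sample lines for the example (not from a real server). Assumed format:
# LogFormat "%h %l %401u %t \"%r\" %>s %b", so the user name is logged only
# when the response status is 401.
SAMPLE_LOG = """\
192.0.2.10 - bob [17/Jun/2002:10:00:01 +0000] "GET /admin/ HTTP/1.0" 401 381
192.0.2.10 - bob [17/Jun/2002:10:00:05 +0000] "GET /admin/ HTTP/1.0" 401 381
192.0.2.10 - bob [17/Jun/2002:10:00:08 +0000] "GET /admin/ HTTP/1.0" 401 381
192.0.2.10 - - [17/Jun/2002:10:00:12 +0000] "GET /admin/ HTTP/1.0" 200 2326
198.51.100.7 - - [17/Jun/2002:10:01:00 +0000] "GET /index.html HTTP/1.0" 200 1043
198.51.100.7 - alice [17/Jun/2002:10:01:30 +0000] "GET /members/ HTTP/1.0" 401 381
this line is not in the expected format
"""

# One regex for the whole line; named groups follow the LogFormat fields above.
LOG_RE = re.compile(
    r'^(?P<host>\S+) (?P<logname>\S+) (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\S+)$'
)


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    match = LOG_RE.match(line)
    if match is None:
        return None
    entry = match.groupdict()
    entry["status"] = int(entry["status"])
    return entry


def failed_auth_by_host(lines):
    """Count 401 responses per client address (malformed lines are skipped)."""
    counts = Counter()
    for line in lines:
        entry = parse_line(line)
        if entry and entry["status"] == 401:
            counts[entry["host"]] += 1
    return dict(counts)


def failed_auth_users(lines):
    """User names that appeared on 401 responses (the '-' placeholder is ignored)."""
    users = set()
    for line in lines:
        entry = parse_line(line)
        if entry and entry["status"] == 401 and entry["user"] != "-":
            users.add(entry["user"])
    return users


def hosts_over_threshold(lines, threshold):
    """Addresses with at least `threshold` failed authentications, sorted."""
    counts = failed_auth_by_host(lines)
    return sorted(host for host, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    print("failed auth per host:", failed_auth_by_host(lines))
    print("user names tried:", sorted(failed_auth_users(lines)))
    print("hosts with 3+ failures:", hosts_over_threshold(lines, 3))
```

On the sample, 192.0.2.10 accounts for three failures before a successful login and is the only address that reaches the threshold of three; the successful 200 response shows "-" in the user field because %401u only records the name on a 401.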
(3) Directory security authentication on the Apache server
The Apache server supports per-directory security through .htaccess files: to read a protected directory, the user must first enter a valid user account and password. This is useful for pages reserved for web site administration or for a members-only area.
Place a file named .htaccess in the protected directory