Journal of Technology and Life: Web Server security

"Silicon Valley network September 19," according to "Science and Technology and Life" magazine 2012 13th issue, in the rapid development of the internet today, http://www.aliyun.com/zixun/aggregation/17117.html "> Web servers have become an integral part of the Internet. As Web applications become more and more widespread, attackers also target the Web server, so their security is more and more important. This paper not only introduces the Web server simply, but also makes some precautions against its main attacking methods, and improves the security of the Web server effectively.


keywords Web service; security Defense


with the development of network Informatization, the application of Web service is more and more, and its security has been paid more and more attention. Once the Web server is compromised, not only does it fail to provide normal service, but internal information is also compromised. Originally for the web server mainstream attack means to do some introduction and prevention methods.


1Web Server Introduction


Web server is also known as WWW (worldwideweb) server, the main function is to provide online information browsing services. WWW is the Internet Multimedia Information Inquiry Tool, is the Internet in recent years, the development of services, but also the fastest growing and currently used the most extensive services. Because of the WWW tools, the Internet has developed rapidly in recent years, and the number of users has grown rapidly.


Web servers are programs that reside on some type of computer on the Internet. When a Web browser (client) connects to the server and requests a file, the server processes the request and sends the file to the browser, with information that tells the browser how to view the file (that is, the file type). The server uses HTTP (Hypertext Transfer Protocol) to communicate information, which is why people often refer to them as httpd servers.


Web servers can not only store information, but also run scripts and programs based on information provided by users through a Web browser.


2WEB servers face major threats


because the Web server serves a wide variety of clients, and the user is also various, so that these applications directly leak in a very insecure environment, Web servers are always security threats, these threats mainly include denial of service, distributed denial of service, SQL injection attacks and Cross-site scripting attacks.


2.1 Denial-of-service Attack

The
denial of service attack is a method or means to disable the target host or network and not provide services properly. Its technical principle is simple, tool, often difficult to prevent. Its attack mode mainly divides into three kinds, consumes the limited physical resources, modifies the configuration information, the physical part removal or the destruction.


2.2SQL Injection


SQL is often used in the database itself or the Web page program source loopholes, in such an attack,


An attacker would insert a SQL command into the input field of a Web form or a query string for a page request, tricking the server into executing a malicious SQL command. These commands often include forgetting to add malicious information to the database or deleting the information in the database, and even more likely to steal the administrator's account password from the database, thus achieving full control of the entire Web site system.


2.3 Cross-site scripting attack


An attacker inserts a malicious script into a Web page that is not filtered by the Web site, and when the user browses to the page, the malicious script embedded in it executes, thus achieving the attacker's special purpose.


Such attacks do not generally pose any threat to the site host itself, and the attacker uses some language (scripts) to attack the site's users with a Web site host as a springboard, so it is called a cross-site scripting attack.


3Web Server Security Protection


3.1 Install firewall and anti-virus software

The
firewall is an effective network security system that allows you to isolate areas of risk (the Internet or a network with a certain risk) from the security Zone (LAN) without impeding access to the zone of risk in the security zone. It is a hardware and software system composed of a certain strategy to control access to the network data.


After installing the firewall, by establishing some admittance policies, can prevent some illegal host to connect the server.


3.2 Shielding unnecessary ports


By default, Windows has a number of ports that are open, which also makes it easy for network hackers. Viruses and hackers can invade servers through these open ports. To improve the security of the server, in addition to some important necessary ports, such as 80 port for Web site services, 21 port for the FTP service, 25 port for the SMTP service, and so on other ports can be closed.


3.3 Off unnecessary services


operating systems tend to provide many services, but these services are often exploited by attackers, so unless they are needed, they are eventually turned off to improve security.


3.4 Reasonable access control


access control mechanism is to ensure the legitimate access to resources, a specific resource can only be accessed by users who have access to the resource to prevent illegal access. In the Web server, we can set different access rights for different groups of users to ensure the security of the system. Access control is based on the identity authentication, according to the authorization of the proposed resource access request to control. The process of restricting access to this system's resources by authorized users, programs, processes, or other systems in the computer network.


General implementation has access control table, Access ability table, authorization relation table.


3.5 Script Security Maintenance


Many attackers like to write programs that attack CGI programs or PHP scripts. When we use a Web site, we need to pass some necessary parameters to the Web server before we can access it properly. This parameter can be divided into two categories, one is a trustworthy parameter, the other is a parameter that is not trustworthy. When writing scripts, we need to be mindful of the parameters passed in. We can add some discriminant conditions to see whether the parameters are legitimate, standardized, not required to be introduced, and return error let the system administrator know someone is trying to attack, and take preventive measures in time.


3.6 Enable event logging


Enable Logging Service can record the whereabouts of hackers, the administrator can check the log to find the whereabouts of intruders, what has been done, what the back door, as well as to the system caused what damage and hidden trouble, the server exactly what security vulnerabilities, etc., in order to implement the maintenance targeted.


4 Concluding remarks


This article introduces the concept of Web server, as well as the main threats and prevention methods, as the Internet continues to evolve, the Web server has become an integral part, but for this reason, the Web server has become one of the main goals of many attackers, in order to prevent the mainstream of attacks, This article briefly introduces the main methods of prevention, the maintenance of web security is a difficult task, but we can still do some work to ensure the security of Web services.