ARTICLES

TEACHING YOU HOW TO SECURE YOUR SOFTWARE



Securing your web server. What does that mean?

What is web security? You might be tempted to think of web security in only term of how to secure your website and web applications. However, another important aspect of web security is securing your web server. A web server is used to host files for websites such as html documents, CSS stylesheets, images, and JavaScript files. The reason why securing a web server is so important is because it also hold information assets of a company. Even though there are multiple ways to secure a web server, the three that I find the most important are firewalls, private networking, and SSL/TLS encryption.

Even though there are multiple ways to secure a web server, the three that I find the most important are firewalls, private networking, and SSL/TLS encryption.

Firewalls

firewall

A firewall is either a piece of software or hardware used to control which requests are allowed on a network. Those requests could take the form of public services, private services or internal services. Firewalls allow you to restrict the access to your software according to your criteria. It provides a necessary layer of protection which ensures the protection of your data.

Private Networking/VPNs

VPN

Certain networks that are only available to certain servers or users are known as private networks. Often universities use a private network to ensure privacy among students. A VPN (virtual private network) is used to create a secure connection with a remote computer and a local machine as if the remote computer was on a local private network. This allows the use of remote servers and still maintain a secure connection. These allow you to create a secure network and allows secure communication between client and server. Setting up a private network is simple and straightforward, however setting up a VPN is more involved. That is because every server using a VPN needs to have shared security and configuration data installed to ensure a secure connection.

SSL/TLS Encryption

SSL

SSL/TLS certificates allow for encrypted communication between a user and a server. What this does is encrypt traffic on your server so that attackers who intercept traffic will not be able to steal valuable information. This allows you to encrypt your system without a VPN tunnel. Configuring and managing a certificate authority can be quite involved however proves to be important in the long run.

Related Tutorials

Buffer Overflow Attack
Cryptography
Build Secure Software
Cybersecurity

LEARN THE PROPER STEPS TO SECURE YOUR SOFTWARE.