[WEB SECURITY] Securing a website

Code Freak securesauce at gmail.com
Thu Jun 9 16:28:29 EDT 2005

On 6/9/05, Paul Ryan <pryan at rogers.wave.ca> wrote:
> All - I'm looking for a technical document for deploying a web server in a
> DMZ, I would like to make recommendation wrt to the website implementation
> (i.e web login, user grouping etc). The hardening portion of the actual box
> I have covered as it is a Unix server - just not sure of the best method for
> the web page security...

It's a little outdated, but check out 

NIST special publication  (SP) 800-44 
Guidelines on Securing Public Web Servers,
September 2002



There are some other good security documents on that page as well.


The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list