Guidelines on Securing Public Web Servers
Completed | Action
Copyrighted material without the written permission of the owner
Privacy or security policies that indicate the types of security measures in place, to the degree that they may be useful to an attacker
Establish an organization-wide, documented, formal policy and process for approving public Web content that
Identifies information that should be published on the Web
Identifies the target audience
Identifies possible negative ramifications of publishing the information
Identifies who is responsible for creating, publishing, and maintaining this particular information
Provides guidelines on styles and formats appropriate for Web publishing
Provides for appropriate review of the information for sensitivity and distribution/release controls (including the sensitivity of the information in aggregate, since individually harmless items can reveal more when combined)
Determines the appropriate access and security controls
Provides guidance on the information contained within the source code of the Web content (e.g., comments, internal host names, developer identities)
Web user privacy considerations
Published privacy policy
Prohibition on the collection of personally identifying data without the explicit permission of the user
Prohibition on the use of persistent cookies
Use of session cookies, if any, is clearly identified in the published privacy policy
Client-side active content security considerations
Used only when absolutely required
No actions taken without the express permission of the user
No use of high-risk client-side active content
When possible, alternatives are provided (e.g., plain text provided along with PDF)
Server-side active content security considerations
Simple, easy-to-understand code
Limited or no reading or writing of files
Limited or no interaction with other programs (e.g., sendmail)
No requirement to run with suid privileges
Use of explicit path names (i.e., does not rely on the PATH environment variable)
No directory is both writable and executable (content that can be uploaded must never be served as executable code)
All executable files are placed in a dedicated folder (e.g., a single cgi-bin directory)
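Several of the server-side items above can be checked mechanically on a Unix host. The script below is an added example, not part of the original guideline: it walks a Web content tree and reports setuid/setgid files, directories that are group- or world-writable while holding executable files, and scripts that invoke sendmail through PATH instead of by an explicit path. The function names (audit_webroot, count_findings), the script-file extensions it recognises, and the choice of sendmail as the representative external program are assumptions for the example.

```shell
#!/bin/sh
# Added example: audit a Web content tree against the server-side active
# content checklist. Assumes a POSIX shell with find(1) and grep -E.
# Usage: sh audit_webroot.sh /var/www

audit_webroot() {
    root="$1"

    # 1. Executables carrying the setuid or setgid bit: server-side content
    #    should never need to run with suid privileges.
    find "$root" -type f \( -perm -4000 -o -perm -2000 \) -print |
    while read -r f; do
        printf 'SUID/SGID file: %s\n' "$f"
    done

    # 2. Directories writable by group or others that also hold executable
    #    files: anyone who can upload there can get code executed.
    find "$root" -type d \( -perm -g+w -o -perm -o+w \) -print |
    while read -r d; do
        if [ -n "$(find "$d" -maxdepth 1 -type f -perm -u+x | head -n 1)" ]; then
            printf 'writable directory holding executables: %s\n' "$d"
        fi
    done

    # 3. Scripts (by extension, an assumption) that call sendmail without an
    #    absolute path, i.e. relying on PATH. "sendmail" preceded by anything
    #    other than '/' (or at line start) is flagged.
    find "$root" -type f \( -name '*.cgi' -o -name '*.pl' -o -name '*.sh' \
        -o -name '*.php' \) -print |
    while read -r s; do
        if grep -Eq '(^|[^/])sendmail' "$s"; then
            printf 'sendmail invoked via PATH in: %s\n' "$s"
        fi
    done
}

# Number of findings, one per printed line; 0 means the tree passed.
count_findings() {
    audit_webroot "$1" | wc -l | tr -d ' '
}

if [ $# -gt 0 ]; then
    audit_webroot "$1"
fi
```

Run it against the document root and every CGI directory the server is configured to execute from; a non-empty report means one of the checklist items above is not met. The PATH check is deliberately narrow (only sendmail); extend the pattern with whatever external programs the site's scripts actually call.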