REVIEW - Maximum Apache Security 4ed


Maximum Apache Security 4ed






Sams ()


945pp + CD


Ian Bruntlett


June 2004



The book lists numerous exploits that the average web master should be aware of. And it lists many online white papers that explain things in greater detail. It also discusses the server tools that ship as part of Apache. Apache's logging facilities are described.

The internals of Apache 2.0 are discussed in detail. References to important sections of the Apache documentation are given.

Good practice to follow when writing server side applications is discussed. It recommends that you choose one language, learn it well and stay current on security issues. This may be a problem with some web masters who, like me, probably already know C/C++ and have dabbled with Perl. The book goes on to describe numerous problems - and interesting security and testing tools.

The book looks "under the hood" of Apache, identifying key C source files. It describes security as implemented by Netscape's SSL. It explains the use of firewalls with Apache. It also explains how, in certain circumstances, Apache can be used as a proxy server (for FTP, HTTP, HTTPS, SOCKS). The final chapter discusses the way to write expansion modules for Apache. This is very thorough but I feel the book should have also had an explanation of CGI and perhaps a better explanation of sockets programming and a discussion about ports.

Recommended despite some gaps (sockets, ports) and its age (2 years old).Other

Book cover image courtesy of Open Library.

Your Privacy

By clicking "Accept Non-Essential Cookies" you agree ACCU can store non-essential cookies on your device and disclose information in accordance with our Privacy Policy and Cookie Policy.

Current Setting: Non-Essential Cookies REJECTED

By clicking "Include Third Party Content" you agree ACCU can forward your IP address to third-party sites (such as YouTube) to enhance the information presented on this site, and that third-party sites may store cookies on your device.

Current Setting: Third Party Content EXCLUDED

Settings can be changed at any time from the Cookie Policy page.