ACCU Home page ACCU Conference Page
Search Contact us ACCU at Flickr ACCU at GitHib ACCU at Google+ ACCU at Facebook ACCU at Linked-in ACCU at Twitter Skip Navigation

Search in Book Reviews

The ACCU passes on review copies of computer books to its members for them to review. The result is a large, high quality collection of book reviews by programmers, for programmers. Currently there are 1918 reviews in the database and more every month.
Search is a simple string search in either book title or book author. The full text search is a search of the text of the review.
    View all alphabetically
Title:
Maximum Apache Security 4ed
Author:
Anonymous
ISBN:
0-672-32459-8
Publisher:
Sams
Pages:
945pp + CD
Price:
£36-50
Reviewer:
Ian Bruntlett
Subject:
web programming;systems admin
Appeared in:
16-3
The book lists numerous exploits that the average web master should be aware of. And it lists many online white papers that explain things in greater detail. It also discusses the server tools that ship as part of Apache. Apache's logging facilities are described.

The internals of Apache 2.0 are discussed in detail. References to important sections of the Apache documentation are given.

Good practice to follow when writing server side applications is discussed. It recommends that you choose one language, learn it well and stay current on security issues. This may be a problem with some web masters who, like me, probably already know C/C++ and have dabbled with Perl. The book goes on to describe numerous problems - and interesting security and testing tools.

The book looks "under the hood" of Apache, identifying key C source files. It describes security as implemented by Netscape's SSL. It explains the use of firewalls with Apache. It also explains how, in certain circumstances, Apache can be used as a proxy server (for FTP, HTTP, HTTPS, SOCKS). The final chapter discusses the way to write expansion modules for Apache. This is very thorough but I feel the book should have also had an explanation of CGI and perhaps a better explanation of sockets programming and a discussion about ports.

Recommended despite some gaps (sockets, ports) and its age (2 years old).Other