How do I configure Web server security?

Securing your Web server involves establishing rules for which users can access which files and possibly creating multiple Web sites. Because a lack of proper security can allow anyone on the Internet to access both the files and the utilities on your system, restricting access to sensitive data is an important part of maintaining a Web server.

Multiple Web sites

Putting sensitive information on one Web site and less sensitive information on another can greatly increase security in gateway scenarios where one network interface is considered private or trusted and another interface is exposed to the Internet.

Using multiple Web sites will not work in all scenarios. In fact, if your device has only one network card, this method will not work at all. Even for devices with more than one network card, there are other considerations. In a home gateway scenario, for example, you might want mom and dad to be able to access WebAdmin but not want the kids to have access.

Protecting Virtual Directories

Most Web servers use multiple virtual directories. Some virtual directories contain sensitive information that is meant to be accessed only by a small group of users. Other virtual directories may contain information intended for sharing across a broad group. For this reason, each virtual directory should be managed separately, and the appropriate authentication level should be set based on the type of information being shared.

When configuring authentication for a virtual directory, consider the following information: