77 lines
4.8 KiB
HTML
77 lines
4.8 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
|||
|
|
<!DOCTYPE html
|
|||
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|||
|
|
<html lang="en-us" xml:lang="en-us">
|
|||
|
|
<head>
|
|||
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|||
|
|
<meta name="security" content="public" />
|
|||
|
|
<meta name="Robots" content="index,follow" />
|
|||
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|||
|
|
<meta name="DC.Type" content="concept" />
|
|||
|
|
<meta name="DC.Title" content="Security considerations for using IBM HTTP server" />
|
|||
|
|
<meta name="abstract" content="These topics discuss methods for securing the IBM HTTP server for authorized users and preventing access to the HTTP server." />
|
|||
|
|
<meta name="description" content="These topics discuss methods for securing the IBM HTTP server for authorized users and preventing access to the HTTP server." />
|
|||
|
|
<meta name="DC.Relation" scheme="URI" content="rzamvtcpsetupsecurity.htm" />
|
|||
|
|
<meta name="DC.Relation" scheme="URI" content="rzamvtcpstophttp.htm" />
|
|||
|
|
<meta name="DC.Relation" scheme="URI" content="rzamvtcpcontrolhttp.htm" />
|
|||
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
|
<meta name="DC.Format" content="XHTML" />
|
|||
|
|
<meta name="DC.Identifier" content="tcphttp" />
|
|||
|
|
<meta name="DC.Language" content="en-us" />
|
|||
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|||
|
|
<!-- US Government Users Restricted Rights -->
|
|||
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|||
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|||
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|||
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|||
|
|
<title>Security considerations for using IBM HTTP server</title>
|
|||
|
|
</head>
|
|||
|
|
<body id="tcphttp"><a name="tcphttp"><!-- --></a>
|
|||
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|||
|
|
<h1 class="topictitle1">Security considerations for using IBM HTTP server</h1>
|
|||
|
|
<div><p>These topics discuss methods for securing the IBM<sup>®</sup> HTTP
|
|||
|
|
server for authorized users and preventing access to the HTTP server.</p>
|
|||
|
|
<p>The HTTP server provides World Wide Web browser clients with access to
|
|||
|
|
system multimedia objects, such as HTML (Hypertext Markup Language) documents.
|
|||
|
|
It also supports the Common Gateway Interface (CGI) specification. Application
|
|||
|
|
programmers can write CGI programs to extend the functionality of the server. </p>
|
|||
|
|
<p>The administrator can use Internet Connection Server or IBM HTTP server
|
|||
|
|
to run multiple servers concurrently on the same system. Each server that
|
|||
|
|
is running is called a server instance. Each server instance has a unique
|
|||
|
|
name. The administrator controls which instances are started and what each
|
|||
|
|
instance can do.</p>
|
|||
|
|
<div class="important"><span class="importanttitle">Important:</span> You must have the *ADMIN instance of the HTTP server
|
|||
|
|
running when you use a Web browser to configure or administer any of the following: <ul><li>Firewall for iSeries™</li>
|
|||
|
|
<li>Internet Connection Server</li>
|
|||
|
|
<li>Internet Connection Secure Server</li>
|
|||
|
|
<li>IBM HTTP
|
|||
|
|
Server</li>
|
|||
|
|
</ul>
|
|||
|
|
</div>
|
|||
|
|
<p>A user (Web site visitor) never sees a system Sign On display. However,
|
|||
|
|
the system administrator must explicitly authorize all HTML documents and
|
|||
|
|
CGI programs by defining them in HTTP directives. In addition, the administrator
|
|||
|
|
can set up both resource security and user authentication (user ID and password)
|
|||
|
|
for some or all requests. </p>
|
|||
|
|
<p>An attack by a hacker could result in a denial of service to your Web server.
|
|||
|
|
Your server can detect a denial-of-service attack by measuring the timeout
|
|||
|
|
of certain clients’ requests. If the server does not receive a request from
|
|||
|
|
the client, then your server determines that a denial-of-service attack is
|
|||
|
|
in progress. This occurs after making the initial client connection to your
|
|||
|
|
server. The server’s default is to detect attacks.</p>
|
|||
|
|
</div>
|
|||
|
|
<div>
|
|||
|
|
<ul class="ullinks">
|
|||
|
|
<li class="ulchildlink"><strong><a href="rzamvtcpstophttp.htm">Prevent HTTP access</a></strong><br />
|
|||
|
|
This article discusses the steps for preventing users from accessing the HTTP server.</li>
|
|||
|
|
<li class="ulchildlink"><strong><a href="rzamvtcpcontrolhttp.htm">Control access to the HTTP server</a></strong><br />
|
|||
|
|
This article discusses considerations for protecting the contents of your Web site.</li>
|
|||
|
|
</ul>
|
|||
|
|
|
|||
|
|
<div class="familylinks">
|
|||
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvtcpsetupsecurity.htm" title="The following information guides you through the process of setting up TCP/IP security.">Set up TCP/IP security</a></div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</body>
|
|||
|
|
</html>
|