74 lines
4.6 KiB
HTML
74 lines
4.6 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Control access to the HTTP server" />
|
||
|
<meta name="abstract" content="This article discusses considerations for protecting the contents of your Web site." />
|
||
|
<meta name="description" content="This article discusses considerations for protecting the contents of your Web site." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvtcphttp.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvtcpadminhttp.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvtcpresourcehttp.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="tcpcontrolhttp" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Control access to the HTTP server</title>
|
||
|
</head>
|
||
|
<body id="tcpcontrolhttp"><a name="tcpcontrolhttp"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Control access to the HTTP server</h1>
|
||
|
<div><p>This article discusses considerations for protecting the contents
|
||
|
of your Web site. </p>
|
||
|
<p>The primary purpose of running an HTTP server is to provide access for
|
||
|
visitors to a Web site on your system. You might think of someone
|
||
|
who visits your Web site as you would think of someone who views an advertisement
|
||
|
in a trade journal. The visitor is not aware of the hardware and software
|
||
|
running your Web site, such as the type of server you are using, and where
|
||
|
your server is physically located. Usually, you do not want to put any barrier
|
||
|
(such as a Sign On display) between a potential visitor and your Web site.
|
||
|
However, you might want to restrict access to some of the documents or CGI
|
||
|
programs that your Web site provides. </p>
|
||
|
<p>You might also want a single system to provide multiple logical Web sites.
|
||
|
For example, your system might support different branches of your business
|
||
|
that have different customer sets. For each of these branches of the business,
|
||
|
you want a unique Web site that appears totally independent to the visitor.
|
||
|
Additionally, you might want to provide internal Web sites (an intranet) with
|
||
|
confidential information about your business.</p>
|
||
|
<p>As a security administrator, you need to protect the contents
|
||
|
of your Web site while, at the same time, you need to ensure that your security
|
||
|
practices do not negatively affect the value of your Web site. In addition,
|
||
|
you need to ensure that HTTP activity does not jeopardize the integrity of
|
||
|
your system or your network. The topics that follow provide security suggestions
|
||
|
when you use the program.</p>
|
||
|
</div>
|
||
|
<div>
|
||
|
<ul class="ullinks">
|
||
|
<li class="ulchildlink"><strong><a href="rzamvtcpadminhttp.htm">Administration considerations</a></strong><br />
|
||
|
This article provides recommendations for securing the Internet server.</li>
|
||
|
<li class="ulchildlink"><strong><a href="rzamvtcpresourcehttp.htm">Protect resources</a></strong><br />
|
||
|
The IBM<sup>®</sup> HTTP
|
||
|
server includes HTTP directives that can provide detailed control of the information
|
||
|
assets that the server uses. You can use directives to control from which
|
||
|
directories the Web server serves URLs for both HTML files and CGI programs,
|
||
|
to swap to other user profiles, and to require authentication for some resources.</li>
|
||
|
</ul>
|
||
|
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvtcphttp.htm" title="These topics discuss methods for securing the IBM HTTP server for authorized users and preventing access to the HTTP server.">Security considerations for using IBM HTTP server</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|