Secure Web Application Setup
Secure Web Application Setup Package Securely configuring web server software and frameworks is the foundation of creating secure web-based services. Labs in this category explore the configuration of popular web server software packages and related tools, such as reverse proxies. …
Overview
Secure Web Application Setup Package
Securely configuring web server software and frameworks is the foundation of creating secure web-based services.
Labs in this category explore the configuration of popular web server software packages and related tools, such as reverse proxies. Labs also address the secure configuration of SSL encryption, preventing cryptographic attacks such as Heartbleed.
The labs in this category assume general knowledge of TCP/IP networking, the basics of the HTTP protocol, and some of the languages and frameworks commonly used for web applications. If you’ve configured nginx in the past but never used Apache, for instance, this is the category for you!
This package includes all labs in the Secure Web Application Setup category, as well as all new labs in the category released during your subscription period.
PREREQUISITES
Basic web application knowledge (HTTP, URL parameters, etc.), networking concepts (TCP/IP, DNS, etc.), and familiarity with the Unix/Linux command line.
EXPECTED DURATION
5.5 hours, self-paced. Pause and continue at any time.
5.5 CPEs awarded on successful completion.
PACKAGE CONTENTS
-
Secure Configuration of the Apache Web Server
Students will learn how to set up a web server securely by configuring the commonly-used Apache HTTP Server® on a Linux system. Security options will be explored, including location/directory restrictions, permissions, authentication, and SSL configuration.
-
Secure SSL Configuration in Apache
Students will build on the basic Apache configuration exercise to configure Secure Sockets Layer (SSL) encryption for the Apache HTTP Server®. Students will learn and implement best security practices and strong cryptography guarantees while avoiding vulnerabilities such as Heartbleed.
-
Deploying a LAMP Stack
Students will learn about the LAMP (Linux, Apache, MySQL, PHP) stack and will deploy a LAMP stack running an application written in PHP. LAMP is one of the most common software stacks for many of the web’s most popular applications. This lab is brought to you by the Rochester Institute of Technology Global Cybersecurity Institute.
Students will set up a LAMP stack to run WordPress, a PHP application. They will set up a MySQL database for use by the WordPress application, and will configure Apache to serve up the PHP pages for the application.
Students will learn just enough of the MySQL command line and of Apache configuration needed to deploy a LAMP stack. They can learn more about MySQL and Apache configuration in the labs An Introduction to MariaDB and MySQL, Secure Configuration of the Apache Web Server, and Secure SSL Configuration in Apache.