Book Image

Python Penetration Testing Essentials

By : Mohit
Book Image

Python Penetration Testing Essentials

By: Mohit

Overview of this book

Table of Contents (14 chapters)
Python Penetration Testing Essentials
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Hardening of a web server


In this section, let's throw some light on common mistakes observed on a web server. We will also discuss some points to harden the web server follows:

  • Always hide your server signature.

  • If possible, set a fake server signature, which can mislead the attackers.

  • Handle the errors.

  • Try to hide the programming language page extensions because it will be difficult for the attacker to see the programming language of the web applications.

  • Update the web server with the latest patch from the vendor. It avoids any chance of exploitation of the web server. The server can at least be secured for known vulnerabilities.

  • Don't use a third-party patch to update the web server. A third-party patch may contain trojans, viruses, and so on.

  • Do not install other applications on the web server. If you install an OS such as RHEL or Windows, don't install other unnecessary software such as Office or editors because they might contain vulnerabilities.

  • Close all ports except 80 and 443.

  • Don't install...