The article "Ensuring website safety" is provided by Sophos Plc and SophosLabs.

December 2007

For systems that operate permanently (for example, for servers), security plays a very significant role. Web servers are the foundation of the Internet. They are responsible for the basic services and operation of billions of sites around the world, becoming personal data storages for the users. For every organization that relies on the servers it is important to secure them from the outside attacks.

In recent years, the number of attacks on web servers has increased significantly. As shown on the map below, the geographic location of the server doesn't matter: malicious code knows no borders. The international threat now comes from organized criminal communities engaged in massive collection of passwords, financial information and other data; these aren't just young hacker hooligans. In most cases, the attack occurs with minimal intervention while the malware hosted on servers and sites is intended for infecting the maximum number of users.

Web servers are particularly vulnerable because they are open. They are designed to exchange information with users. An attacker can modify the HTTP server code or server database, or the site pages themselves, changing the original functionality.

However, it is possible to secure the web server. This requires joint action of the site administrators, developers and designers. Things like anti-virus software, operating systems and access rights require constant attention.

This document focuses on some of the common ways compromising the web servers and ways to counteract it.