Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Writing Hardened Web Applications?

Posted by Unknown on from the i-hear-plain-text-password-databases-are-secure dept.

rhartness writes "I am a long time Software Engineer, however, almost all of my work has been developing server-side, intranet applications or applications for the Windows desktop environment. With that said, I have recently come up with an idea for a new website which would require extremely high levels of security (i.e. I need to be sure that my servers are as 100% rock-solid, unhackable as possible.) I am an experienced developer, and I have a general understanding of web security; however, I am clueless of what is requires to create a web server that is as secure as, say, a banking account management system. Can the Slashdot community recommend good websites, books, or any other resources that thoroughly discuss the topic of setting up a small web server or network for hosting a site that is as absolutely secure as possible?"

2 of 333 comments (clear)

  1. Start with the W3 guide to secure CGI programming by TheEmperorOfSlashdot · · Score: 5, Informative

    http://www.w3.org/Security/faq/wwwsf4.html

    Once you understand the things they recommend and WHY they recommend them, you won't need to ask this question anymore.

  2. OWASP.org by LouTheTroll · · Score: 5, Informative

    Be sure to checkout out all of the fine resources at http://www.owasp.org./ It's the Open Web Application Security Project. All materials, training, libraries, and content are free. There are numerous local chapters also so be sure to search for one in your local area.