Q

Securing a server for e-commerce

I have a business, and I want to set up a server so that my customers' information will be secure while they are shopping online. What security program do you recommend that I install? How do I go about it?
Unfortunately, there is no easy answer to your question. There are several guidelines for securing servers depending upon whether they are Unix-based Apache servers or Microsoft IIS servers. These are available from SANS, NSA and other places. There is also a tip on searchSecurity for protecting your Web servers.

Clearly, you will want all sensitive traffic to be protected by SSL or other encryption between your customers and your Web server. If any information is stored on the Web server, it should be encrypted. If you are using third party hosting services, you will need to find a way to get that information back to you securely. You might be interested in a paper I wrote in 1999 entitled, Are Secure Internet Transactions Really Secure?

However, there is no single magic program to install that makes your server secure.


For more information on this topic, visit these other searchSecurity resources:
  • Web Security Tip: SQL Server user-security checklist
  • Web Security Tip: ASP.NET authentication: Three new options for Web services
  • Infosec Bookshelf: SQL Server Security -- Chapter 2, Under Siege: How SQL Server is Hacked
  • This was first published in August 2004

    Dig deeper on Web Server Threats and Countermeasures

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close