Linux Symposium

July 13th-16th, 2010
Ottawa Westin
Ottawa, Canada

Register / Login / Submit Proposal

Presentations Keynotes Summits
Presentations
Tutorials
Lightning Talks
BOFS

Event Details Schedule
Venue
Travel & Hotel
Costs

FAQ

Media
Archives
Contact

Home



Multilayer web application security: from SELinux to ModSecurity

Konstantin Ryabitsev (konstantin.ryabitsev@mcgill.ca)

Robust web application security involves many layers -- from the operating system, to the web server, to the application code itself. This tutorial will look at most common web vulnerabilities (cross-site scripting, SQL, code and shell injections, cross-site request forgery, session hijacking, session fixation, etc), and offer best-practice advice on avoiding them in your web application. We will then investigate additional security tools available under Linux: SELinux to set up a strict sandbox around your webserver, mod_suPHP and Suhosin to help secure your PHP installations, and ModSecurity to help intercept web attacks before they even get to your application.

Basic knowledge of HTTP and Apache is required.



Gold Sponsors
Silver Sponsors
Bronze Sponsors
Wireless Networking

register | call for papers

Copyright © 2010 Linux Symposium Inc. All rights reserved.
Linux is a registered trademark of Linus Torvalds.