[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] Open Source Web Firewall (Part 1) Reverse Proxy with Facebook

From: "Ivan Buetler" <ivan.buetler@xxxxxxx>
Subject: [WEB SECURITY] Open Source Web Firewall (Part 1) Reverse Proxy with Facebook
Date: Wed, 6 Jan 2010 16:50:01 +0100

Hi,

I am recommending the use of web application firewalls in front of the
web server farm. This helps as additional line of defense in case of a
zero day vulnerability. Watch the movie below if you want to learn how
to turn an apache web server into a reverse proxy. For the sake of this
explanation I have chosen "Facebook" as the backend application, but it
could be any application you like. 

http://www.hacking-lab.com/download/


The movie is PART 1 of a series of upcoming reverse proxy and web
application firewall movies. Later, I will show how to turn this
explicit reverse proxy into a web application firewall with
pre-authentication, web filtering, session store (session hiding) that
meets current forensic requirements. 

Feedback is welcomed

Regards
Ivan Buetler
Compass Security, Switzerland
www.csnc.ch



----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

Prev by Date: Re: [WEB SECURITY] Questions about web application penetration testing
Next by Date: RE: [WEB SECURITY] WASC Announcement: WASC Threat Classification v2.0 Published
Previous by thread: RE: [WEB SECURITY] Questions about web application penetration testing
Next by thread: [WEB SECURITY] 2009 - Rise of The Bots
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site