Filtering for security

I’ve never promoted my filter modules for security applications, but I’ve had it in mind for years.

Then last November, I published a review of Apache security books.  One of those books devotes a full chapter to a case study involving a deeply buggy application, and using filters to protect it.  But the solution presented in the book is almost as scary as the application it’s protecting.  So, I’ve taken that as a cue for an article “Filtering against information disclosure” at ApacheTutor.

Of course, input filters play the most important role in security, whereas this article deals solely with output filters.  So there’s scope to write a lot more!

Posted on March 2, 2007, in apache, security. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: