Web Enabling Your HP 3000
• Securing the web server. Most web security incidents are caused by improperly configured
Internet software. The software could be the web server itself, or applications run by the web
server such as CGI programs. CGI in particular introduces major security vulnerabilities because
it allows a client to activate custom programs on the server. A CGI program may have a
security hole that allows an intruder to execute unauthorized commands or to discover
information about the system. The following are some common practices and guidelines for
running a web server:
  • Configure the web server to restrict access to directories and files based on hostname,
    IP address, user names and passwords.
  • Store CGI programs in a central location and evaluate the CGI programs before using them.
  • Disable unneeded insecure web server features such as server side includes, symbolic links,
    user-supported directories, automated directory listing, etc.
  • Run a secure web server and enable SSL for secure transactions to ensure the privacy and
    integrity of data transferred over the Internet.
  • Constantly monitor new Internet security vulnerabilities. Update the operating system and the
    web server with security patches as soon as they are available.
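The checklist above can be checked mechanically. The following is an added example, not part of the original document or any HP tooling: it assumes an Apache-style configuration file (the page does not name a server product), and the `audit` function, the sample configuration and the `/srv/www` paths are constructed for illustration.

```python
import re

# Apache "Options" keywords for features the checklist says to disable.
RISKY = {
    "includes": "server side includes enabled",
    "followsymlinks": "symbolic links followed",
    "indexes": "automated directory listing enabled",
    "all": "Options All enables includes, symlinks and listings",
}
DIR_OPEN = re.compile(r'<Directory\s+"?([^">]+)"?\s*>', re.I)
# Constructed sample configuration (illustrative paths, not from a real system).
SAMPLE_CONF = """\
UserDir public_html
<Directory "/srv/www/htdocs">
    Options Indexes FollowSymLinks Includes
</Directory>
<Directory "/srv/www/htdocs/reports">
    Options -Indexes +ExecCGI
</Directory>
<Directory "/srv/www/cgi-bin">
    Options ExecCGI
</Directory>
"""

def audit(conf_text, cgi_dir="/srv/www/cgi-bin"):
    """Return (line_no, directory, finding) for each risky setting found."""
    findings, current = [], "(server)"
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = DIR_OPEN.match(line)
        if m or line.lower().startswith("</directory"):
            current = m.group(1).rstrip("/") if m else "(server)"
            continue
        words = line.split()
        directive, args = words[0].lower(), [w.lower() for w in words[1:]]
        if directive == "userdir" and args != ["disabled"]:
            findings.append((no, current, "user-supported directories enabled"))
        elif directive == "options":
            # A leading "-" switches an option off, so only the rest are checked.
            for name in (a.lstrip("+") for a in args if not a.startswith("-")):
                if name in RISKY:
                    findings.append((no, current, RISKY[name]))
                elif name == "execcgi" and current != cgi_dir:
                    findings.append((no, current, "CGI execution outside the central CGI directory"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_CONF), sep="\n")
```

Running it against the sample reports the `UserDir` line, the three options on the document root, and the `ExecCGI` grant outside the central CGI directory; the central CGI directory itself is not flagged.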
It is important to understand the potential risks of deploying Internet-enabled applications and to
provide a security architecture with integrated solutions that let you build a strong defense against
potential Internet pitfalls. HP continues to evaluate and monitor the security needs for your
e3000 Internet solutions, and will continue to refresh the platform with key security technologies
and security-enabled services. Our goal is to ensure that HP e3000 customers and their
businesses are successful by providing a worry-free, secure environment to seamlessly integrate their
solutions into the Internet and the e-services world.