“Apache HTTP Server, also known as Apache is the most used web server software in the world” (Larson & Stephens, 2000). Apache is credited with playing a key role in the growth and development of the World Wide Web and has remained popular since April 1996. In 2009, it was named the first web server to serve over 100 million websites.
There are several ways to make Apache secure. Since there are new loopholes and security risks emerging almost every day, updating the web server to ensure that it works to the maximum of its capability. Moreover, turn off unwanted services and unused modules. Employ mod_security module to filter, regulate expressions, encode URL validation and mask the identity of the server.
Another way of securing Apache is using it with the right user. The root user is the biggest offender, for it can lead to serious issues. The best way to use Apache is to run it as the user and group Apache. Opening the httpd.conf file will check the user and group lines and the entities can be changed to user apache and group apache (Larson & Stephens, 2000).
The Internet Information Server (IIS) is a group of Internet servers that were developed by Microsoft. Some of the internet servers are the web or Hypertext Transfer Protocol (HTTP) server and a File Transfer Protocol (FTP) Server. Microsoft IIS is competing with other servers such as Apache, Sun Microsystems and others.
Protecting and securing the web server will improve its capability against such hackers. One way of doing so is to set up an NTFS instead of IUSER, or any other anonymous username. Moreover, use a software firewall to restrict the end user to access the ports, except port 80 and allow only the developers to access all the ports. Utilizing the Microsoft tools such as ISS Lockdown and UrlScan to lock down the machine (Larson & Stephens, 2000).
Larson, E., & Stephens, B. (2000). Administrating Web servers, security & maintenance. Upper Saddle River, NJ: Prentice Hall PTR.