I am using a layer 7 application firewall. My security design is such that traffic allowed beyond the firewall to the web server is deemed clean. To check sessional and sql injection vulnerabilities, would it be logical to refer such traffic by the firewall to the apache for authentication before transaction is completed? On Thu, Sep 29, 2011 at 6:06 PM, Odhiambo Washington <odhiambo@gmail.com>wrote:
One of the Apache's mod_auth_* with some .htaccess - at it's simplest. Your question doesn't seem quite specific, unless it's just my (lack of) understanding. So *Apache* is a guess. You could be using anything out there - there are many web server apps...
On Thu, Sep 29, 2011 at 18:01, bernard ajwang <ben@idealtents-ug.com>wrote:
Dear Skunkers, I require a solution to authenticate remote webmasters on a web server that bypasses web application firewall deployed for the public. Reason being, I want to actively filter all sessional traffic inbound from public while I wish to let my webmasters use CMS to update their sites.
Any suggestions will be highly appreciated. If you know of a possible source that can be procured, I would be happier to discuss this.
Regards,
Bernard
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email.
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
