Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Apache protection for XSS

Posted on 2012-03-26
1
Medium Priority
?
381 Views
Last Modified: 2012-08-14
Over the last couple weeks we have received reports regarding cross-site scripting vulnerabilities on our sites.  As part of working to remediate these issues, the question came up about what level of protection we have (or can get) at the Apache layer.  

Could you please suggest how apache can help with preventing XSS?

Thank you
0
Comment
Question by:jayatallen
1 Comment
 
LVL 51

Accepted Solution

by:
ahoffmann earned 1500 total points
ID: 37769874
add ModSecurity module and configure it with CRS (Core Rule Set)
start here http://www.modsecurity.org/
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you come here a lot? Are you lazy like me and don't want to go through the "trouble" of having to click your Dock's Safari icon and then having to click your Experts Exchange Favorites bookmark to get here? Well then this article is for you.
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Suggested Courses
Course of the Month13 days, 11 hours left to enroll

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question