Solved

Apache protection for XSS

Posted on 2012-03-26
1
354 Views
Last Modified: 2012-08-14
Over the last couple weeks we have received reports regarding cross-site scripting vulnerabilities on our sites.  As part of working to remediate these issues, the question came up about what level of protection we have (or can get) at the Apache layer.  

Could you please suggest how apache can help with preventing XSS?

Thank you
0
Comment
Question by:jayatallen
1 Comment
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 37769874
add ModSecurity module and configure it with CRS (Core Rule Set)
start here http://www.modsecurity.org/
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now