Return to Main
Install & secure the host operating system
Create an unprivileged user for the Web server daemon
Install the Netscape Enterprise Administration Server
Install the Netscape Enterprise Web Server
Set permissions for Web server directories and files
Disable symbolic links
Configure a controlled CGI area
Disable automatic directory listings
Disable the "exec" form of server side includes
Delete all unneeded files from the HTML document tree
Delete all unapproved CGI scripts
Restrict types of operations (e.g., PUT and POST)
Configure server auditing
Configure appropriate access controls/authentication mechanisms
Ensure that a security banner is displayed on the home page
SSL overview
Generate a public and private key pair for the server
Request a server certificate
Install the server certificate
Install the CA certificate
Configure your server to use SSL
Check Web server logs daily
Periodically archive and flush Web server logs
Do regular backups of system data and test your ability to restore from your backups
