Hardening web servers and ensuring server security is an important aspect of a vulnerability management program. Attackers could exploit the flaws in web servers which in turn may lead them to gain access to the systems hosting web servers and perform unintended actions.
Web server hardening involves:
This guide will help you understand how to secure web servers hosted on your network using Vulnerability Manager Plus.
Note: Vulnerability Manager Plus supports web server hardening for Apache, nginx, IIS, and Tomcat.
This is applicable only if the resolution involves modifying web server configuration files. Graphical User Interface for accessing and modifying the configurations is not available for any other servers except IIS. Therefore, for Apache, Tomcat and nginx, you need to open the configuration file using a text editor such as notepad, notepad++ and perform the resolution mentioned. For IIS, the modifications to the server configurations can be made through "Internet Information Services(IIS) Manager".