Administrating Web Server, Security & Maintenance

© 2000 Lawrence I. Charters

Washington Apple Pi Journal, Vol. 22, no. 5, September-October 2000, pp. 44-46.

Eric Larson and Brian Stephens designed Administrating Web Server, Security & Maintenance as an “interactive workbook” for a course leading to “professional Webmaster certification.” The only thing peculiar about the book is the word “administrating” in the title. Though there are some Windows screen shots right at the start, the book does present a solid introduction to the skills, paranoias and details that go into efficiently and safely operating a Web server, regardless of platform.

There are cynics who will say that anything about Web administration appearing in a book must, by definition, be out of date. This overlooks the fact that the principles of Web administration, or more generally of network administration, are well defined. Furthermore, most of the nay-saying cynics don’t even know these basic principles, having grown up in an overheated, reactive culture that leaps onto the Next Big Thing before fully understanding the Previous Big Thing. This volume packs in a solid body of knowledge that, with a bit of mental discipline, should take you far beyond where the Web’s ambulance chasers will ever go.

Split into two sections, the first part of the book covers Web server administration. Planning your server is covered in detail, as is configuring the server, programming server-side includes, detailing how search engines and Web robots work, and why and how to analyze log files. The second section covers Web security, starting with basic network security and moving to Web server security, CGI security, Web client security risks, online transaction security, and the arcane art of intrusion detection and recovery.

The fill-in-the-blank exercises do get a bit old after a while; it may be suitable for a college workbook, but does anyone like college workbooks? On the other hand, if you’ve ever struggled to explain to a novice what a MIME type was, or how to read a Web log file, or what IP spoofing is and why it is bad, you’ll appreciate both the clarity and the breadth of the book. Highly recommended for Webmasters and wannabe Webmasters.

Eric Larson and Brian Stephens, Administrating Web Server, Security & Maintenance. Prentice Hall, 2000. xxiv, 567pp. $40.00. ISBN 0-13-022534-7.