Proprietary web sever vs IIS

Viewing 2 reply threads
  • Author
    Posts
    • #8813
      mike03776
      Participant

      Hi all,

      I’m just here looking for opinions really.

      We have our own “home brew” webserver, which is incredibly dumb and is only capable of handling simple http get and post requests. This server also currently implements a simple login system, which is communicated in plaintext over http as url parameters. The intention is to implement https so as to encrypt all of the traffic between the client and the webserver. This is all well and good, however I am worried about the security risks involved with running your own webserver vs porting it to a 3rd party webserver like IIS, and which would be more secure.

      I understand this question is a little on the vague side, but opinions would be useful in deciding which direction to venture.

    • #54167
      cyber.spirit
      Participant

      security is not one thing my friend even if you implement HTTPS,
      there is thousands of ways that a hacker might use to compromise
      your server in other hand the web server might not have any
      vulnerability but for example your web application is vulnerable
      to XSS, SQL injection and etc. Even if you secure your server and
      web application, a hacker can use man in the middle attacks to find passwords
      on your network!

      The best way to determine the level of security in your environment
      is to perform a black box penetration test and your scope must be the
      servers and network and web application.

      and about HTTPS i guess your using self-signed certificate which has
      no value for you because everyone can generate a self-signed certificate.

      Good luck my friend and keep in mind that security is very complex because
      hackers are very complex!!!

    • #54168
      Henry864
      Participant

      For some time, Apache and Microsoft have commanded the lion’s share of the Web server market. While Apache is the clear-cut winner in the Netcraft and Security Space monthly surveys, Internet Information Server dominates among Fortune 1000 enterprises.
      SWatch Reader Favorite! IIS and Apache are the two most widely deployed Web servers. Not surprisingly, each has a loyal and vehement following. This tutorial goes beyond the noise to compare execution environments, dynamic components, security and authentication, performance, and reliability.

      Both are viable choices, and each carries its own set of pros and cons.

      With Apache 2.0 in production release since mid-2002 and IIS 6.0 shipping since earlier this year, we’ve decided the time has come to run a feature-by-feature comparison of the two servers to help readers better determine which server suits their needs.

Viewing 2 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?