Web Security

How to Remove Meta-characters from User-Supplied Data in CGI Scripts. Available online: <http://www.cert.org/tech_tips/cgi_metacharacters.html> (1999).

Understanding Malicious Content Mitigation for Web Developers. Available online: <http://www.cert.org/tech_tips/malicious_code_mitigation.html> (2000).

Frequently Asked Questions About Malicious Web Scripts Redirected by Web Sites. Available online: <http://www.cert.org/tech_tips/malicious_code_FAQ.html> (2000).

Garfinkel, S. and Spafford, G. Web Security and Commerce. Sebastopol, CA: O'Reilly and Associates, Inc., 1997.

Kossakowski, Klaus-Peter and Allen, Julia. Securing Public Web Servers (CMU/SEI-SIM-011). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2000. Available online: <http://www.cert.org/security-improvement/modules/m11.html>.

Larson, Eric and Stephens, Brian. Web Servers, Security and Maintenance. Upper Saddle River, NJ: Prentice-Hall, 2000.

McCarthy, Vance. "Web Security: How Much Is Enough?" Datamation (January 1997).

Rubin, A. D.; Geer, D.; and Ranum, M. Web Security Sourcebook. New York: John Wiley and Sons, 1997.

Rubin, Aviel and Geer, Daniel. "A Survey of Web Security." IEEE Computer (September 1998).

Soriano, Ray and Bahadur, Gary. "Securing Your Web Server." Sys Admin (May 1999).

Spainhour, Stephen and Quercia, Valerie. Webmaster in a Nutshell. Sebastopol. CA: O'Reilly and Associates, 1996.

Stein, Lincoln. Web Security: A Step-by-Step Reference Guide. Reading, MA: Addison-Wesley, 1998.

Stein, Lincoln. The World Wide Web Security FAQ. Available online: <http://www.w3.org/Security/Faq> (1999).

World Wide Web Consortium. W3C Security Resources. Available online: <http://www.w3.org/Security/> (November 1999).