In this chapter, we shine a bright spotlight on the digital battlefield of the Web. We focus on the functional components of a typical Web application, and how they all fit together. Understanding the pieces of the Web puzzle will allow you to assemble a security masterpiece.
In Chapter 5, we hinted at ways in which attackers can figure out what is running on a Web server by simply analyzing URLs. Here we extend those ideas and identify various Web server technologies.
In this chapter we cover:
· Building a Web application environment
· Connecting components
· Identifying various technologies from URLs
· Examining errors reported by Web applications and databases
· Locking down information leakage
The first half of this chapter familiarizes you with ways in which various technologies work together to host a Web application. The remainder of the chapter arms you with the knowledge and instinct that attackers use to rip apart the functional components of any Web application system.