HostedDB - Dedicated UNIX Servers

The WWW Security FAQ

The World Wide Web Security FAQ

Lincoln D. Stein <>
Version 2.0.1, March 24, 2000


This information is provided by Lincoln Stein ( The World Wide Web Consortium (W3C) hosts this document as a service to the Web Community; however, it does not endorse its contents. For further information, please contact Lincoln Stein directly.

[down]Table of Contents Forward to Introduction>>


New information on distributed denial of service attacks. See Q88 through Q101 for details.

Do your part to keep the WWW Security FAQ up to date. See below for submitting corrections and updates.


The master copy of this document can be found at

See this page for a listing of mirror sites or if you are interested in becoming a mirror site yourself.


  1. Introduction
  2. What's New?
  3. General Questions
  4. Running a Secure Server
  5. Protecting Confidential Documents at Your Site
  6. CGI Scripts
  7. Safe Scripting in Perl
  8. Server Logs and Privacy
  9. Client Side Security
  10. Specific Servers
  11. Denial of Service
  1. Bibliography

Corrections and Updates

I welcome bug reports, updates, reports about broken links, comments and outright disagreements. Please send your comments to Please make sure that you are referring to the most recent version of the FAQ (maintained at; someone else might have caught the problem before you.

Please understand that I maintain the FAQ on a purely voluntary basis, and that I may fall behind on making updates when other responsibilities intrude. You can help me out by making an attempt to identify replacement links when reporting a broken one, and by suggesting appropriate rewording when you have found an error in the text. Suggestions for new questions and answers are welcomed, particularly if you are willing to contribute the text yourself. ;-)
^Table of Contents Forward to Introduction>>

Lincoln D. Stein (

Last modified: Fri Mar 24 16:18:13 EST 2000