NIST updates Web server security guidelines

The National Institute of Standards and Technology has released the second draft of its guidelines for securing public Web servers. NIST published its Special Publication 800-44 Version 2, Guidelines on Securing Public Web Servers (PDF), on June 1.

The second draft, researched and published by the computer security division within NIST's Information Technology Laboratory, is intended to help government organizations install, configure and maintain secure public Web servers. It replaces NIST's first version of the guidelines, published in 2002.

The Computer Security Division of NIST's IT lab offers federal agencies resources for securing their computer systems and protecting sensitive unclassified data. Subjects covered in its latest recommendations on Web server security include operating system security, securing Web applications and content, network infrastructure security and secure Web server administration.

NIST will take comments on the current draft until July 6. Comments should be e-mailed to [email protected] and should reference "Comments SP 800-44" in the subject line.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected