NIST updates Web server security guidelines

The National Institute of Standards and Technology has released the second draft of its guidelines for securing public Web servers. NIST published its Special Publication 800-44 Version 2, Guidelines on Securing Public Web Servers (PDF), on June 1.

The second draft, researched and published by the computer security division within NIST's Information Technology Laboratory, is intended to help government organizations install, configure and maintain secure public Web servers. It replaces NIST's first version of the guidelines, published in 2002.

The Computer Security Division of NIST's IT lab offers federal agencies resources for securing their computer systems and protecting sensitive unclassified data. Subjects covered in its latest recommendations on Web server security include operating system security, securing Web applications and content, network infrastructure security and secure Web server administration.

NIST will take comments on the current draft until July 6. Comments should be e-mailed to and should reference "Comments SP 800-44" in the subject line.

inside gcn

  • data wrangler

    Data wrangling: How data goes from raw to refined

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group