In this chapter, we shine a bright spotlight on the digital battlefield of the Web. We focus on the functional components of a typical Web application, and how they all fit together. Understanding the pieces of the Web puzzle will allow you to assemble a security masterpiece.
In Chapter 5, we hinted at ways in which attackers can figure out what is running on a Web server by simply analyzing URLs. Here we extend those ideas and identify various Web server technologies.
In this chapter we cover:
Building a Web application environment
Connecting components
Identifying various technologies from URLs
Examining errors reported by Web applications and databases
Locking down information leakage
The first half of this chapter familiarizes you with ways in which various technologies work together to host a Web application. The remainder of the chapter arms you with the knowledge and instinct that attackers use to rip apart the functional components of any Web application system.