Hardening A Web Server Infrastructure: An Applied Study of TLS, Reverse Proxy Security, and Attack Simulations
Fazlu Rahman, Ahlam Banu (2025)
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-2025060721416
Abstract
Securing web servers is crucial due to evolving cyber threats. Despite existing security frameworks, vulnerabilities often arise from misconfigurations, unpatched systems, and incomplete implementations. This thesis explores how to configure and secure modern web server infrastructures effectively against common attacks, ensuring data confidentiality and service availability. The research involves designing, implementing, and evaluating a secure web server architecture using open-source tools and best practices.
The theoretical framework is based on the Confidentiality, Integrity, and Availability (CIA) triad, focusing on key cybersecurity and network security concepts. Implementation occurred in a virtualized test environment using nginx as a reverse proxy and Virtuoso as the backend server. Secure Sockets Layer (SSL) certificates were issued, and penetration testing tools were used to evaluate system vulnerabilities and performance under attack simulations. The system firewalls enforced strict network rules to minimize the attack surface.
The research findings indicate that a layered security approach greatly enhances web server resilience. Key conclusions emphasize the need for proactive testing, secure configuration, and ongoing adaptation of security measures in dynamic environments. The study offers practical guidelines for system administrators and developers to strengthen server security using open-source technologies.