Feature Set
MPE documents | |
 Complete PDF | |
| Table of Contents | |
| Glossary | |
| Index | |
| E0802 Edition 6 | |
| E0701 Edition 5 | |
| E0400 Edition 4 ♥ |
NOT a substitute for a firewall (explicitly allow acceptable connections, etc.)
NOT a substitute for good host security practices (change default passwords, keep the OS up-to-date, etc.)
NOT a substitute for good application security practices (use appropriate file and user security, carefully validate all input data, etc.)
NOT a substitute for good human security practices (communicate the importance of protecting sensitive or proprietary data, no password sharing, etc.)
SSLv2.0, SSLv3.0, and TLSv1.0 Protocols
These protocols lie between the HTTP and TCP/IP protocol layers and provide secure, authenticated, encrypted communications between the HP WebWise MPE/iX Secure Web Server server and browser clients.
X.509 Digital Certificates
Signed by external trusted Certificate Authorities, X.509 certificates provide authentication for both the HP WebWise MPE/iX Secure Web Server and browser clients.
Flexible Encryption Cipher Configuration
HP WebWise MPE/iX Secure Web Server permits you to configure a wide variety of encryption ciphers, ranging from high-grade domestic-only algorithms to algorithms suitable for export.
Additional Log Files
Two new log files, ssl_engine_log and ssl_request_log, allow you to log various events associated with secure web requests.
Painless Migration of Existing Apache Content
Your existing non-secure Apache content can be migrated without change to HP WebWise MPE/iX Secure Web Server and the SSL/TLS protocols. This includes CGI applications, which will have access to a wide variety of new security-related environment variables under HP WebWise MPE/iX Secure Web Server that will permit granular, custom security checking.
New Functionality
HP WebWise MPE/iX Secure Web Server is based on Apache 1.3.9 and introduces the following new Apache functionality that has either been added to Apache since 1.3.4 or ported to MPE/iX for the first time:
- mod_digest
MD5 digest-based user authentication described in RFC2617.
- mod_proxy
Ftp and http proxies and caching. Support for forwarding to remote proxies, cache size, and cache expiration configuration.
- mod_rewrite
Powerful regexp-based matching rules for rewriting an incoming browser URL request to a different server URL or server file. Useful in large, dynamic environments where content structure changes frequently. For advanced users only.
- mod_so
Dynamic Shared Objects (DSOs). Allows add-on Apache modules to be built in external NMXLs and loaded at HP WebWise MPE/iX Secure Web Server startup time.
- mod_vhost_alias
Allows specification of flexible configuration directory names that simplify hosting large numbers of virtual web servers on the same machine.
Bundled Modules
The following modules are statically linked into HP WebWise MPE/iX Secure Web Server (this list can be viewed by running HTTPDS with the -l option: /APACHE/SECURE/HTTPDS -l):
mod_access
mod_actions
mod_alias
mod_asis
mod_auth
mod_auth_anon
mod_autoindex
mod_cern_meta
mod_cgi
mod_digest
mod_dir
mod_env
mod_expires
mod_headers
mod_imap
mod_include
mod_info
mod_log_agent
mod_log_config
mod_log_referer
mod_mime
mod_mime_magic
mod_negotiation
mod_proxy
mod_rewrite
mod_setenvif
mod_so
mod_speling
mod_ssl
mod_status
mod_unique_id
mod_userdir
mod_usertrack
mod_vhost_alias
mod_example (see /APACHE/SECURE/libexec/README and mod_example.c
|
System Requirements |
Compatibility With Apache for MPE/iX |