Scribd
Upload
26 views3 pages

It Ws05 Module

The document is a student module for IT-WS05: Web Applications Security, covering database and local web server setup and configurations. It includes course objectives, module contents on databases, web server setup, security best practices, and troubleshooting techniques. Assessments include an essay and a quiz to evaluate understanding of secure database configuration and web server management.

Uploaded by

zsweqx4
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
26 views3 pages

It Ws05 Module

The document is a student module for IT-WS05: Web Applications Security, covering database and local web server setup and configurations. It includes course objectives, module contents on databases, web server setup, security best practices, and troubleshooting techniques. Assessments include an essay and a quiz to evaluate understanding of secure database configuration and web server management.

Uploaded by

zsweqx4
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY

IT-WS05: Web Applications Security


Student Module
2nd Semester A.Y. 2024-2025

Prepared By:

ANDREIA D. CARAANG
Lecturer

Checked By:

ALBERT C. BULAWAT, EdD


College Department Head

Approved:

GERARDA R. RIVERA, DPA


Campus Administrator
COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY

IT-WS05: Web Applications Security


Database and Local Web Server Setup with Configurations

Course Description:
This module introduces students to the fundamental concepts of databases and local web servers. It covers database security, setup procedures, and best practices for
managing and securing web applications in a local development environment.

Learning Objectives:
By the end of this module, students should be able to:
1. Understand the purpose and function of databases in web applications.
2. Set up a local web server for development and testing.
3. Configure databases securely to prevent vulnerabilities.
4. Implement best practices for web server security and database management.
5. Troubleshoot common database and server configuration issues.

Module Contents:

1: Introduction to Databases

Definition and Importance of Databases


A database is a system used to store, retrieve, and manage data. In the context of web security, databases hold sensitive information such as user data, passwords, and
transaction records.

Types of Databases (Relational vs. NoSQL)


Relational databases (SQL-based) use structured schemas, while NoSQL databases offer flexibility for unstructured data.
 Basic SQL Commands and Queries
SQL (Structured Query Language) is used for managing and querying databases. Basic commands include SELECT, INSERT, UPDATE, and DELETE.
 Database Security Concerns (SQL Injection, Unauthorized Access)
Security is crucial to prevent attacks such as SQL injection, unauthorized access, and data breaches. Measures include parameterized queries and proper
authentication.

2: Setting Up a Local Web Server

Understanding Local Web Servers


A local server hosts your web application and allows for testing, development, and staging before deployment. Examples include Apache, Nginx, or platforms like
XAMPP for local environments.

Installing and Configuring XAMPP, WAMP, or MAMP


These platforms provide a packaged environment for running a local web server. XAMPP is cross-platform, WAMP is designed for Windows, and MAMP is
optimized for macOS.

Running and Managing Apache, MySQL, and PHP


Apache serves as the web server, MySQL as the database, and PHP as the scripting language. Proper configuration ensures smooth operation and security.

Testing Local Web Applications


Once the local server is set up, applications should be tested for functionality, security, and performance before deployment.

Activity:
 Install XAMPP and create a basic PHP webpage connected to a database.

3: Database Configuration and Security

Using Encrypted Connections (SSL/TLS)


Encrypted connections protect data in transit, preventing interception and unauthorized access.

Proper Access Control (User Authentication and Permissions)


User authentication and permission settings restrict access to sensitive data.

SQL Injection Prevention Techniques


Validating and sanitizing inputs, along with using prepared statements, can prevent SQL injection attacks.

Backup and Recovery Strategies


Regular backups ensure data integrity and disaster recovery in case of failures or breaches.

4: Web Server Security Best Practices


Strong Authentication Mechanisms
Using strong passwords and multi-factor authentication (MFA) enhances security.

Implementing Firewalls and Security Patches


Firewalls prevent unauthorized traffic, and regular updates protect against vulnerabilities.

Preventing Unauthorized Access to Sensitive Files


Secure file permissions and server configurations help restrict access.

Regularly Updating Server Software


Keeping the server software updated helps prevent exploitation of known security flaws.
COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY
5: Troubleshooting and Performance Optimization

Identifying and Fixing Common Server Errors


Common errors include database connection failures, permission issues, and server misconfigurations.

Database Performance Optimization Techniques


Indexing, query optimization, and caching improve database performance.

Handling Server Downtime and Error Logs


Error logs help diagnose issues and maintain system reliability.

Assessment:

Name: ________________________________ Date: ___________________


Year & Section: _______________________ Score: ___________________

1. Essay:

What is the importance of secure database configuration and local web server management in web application development. Explain key security
measures, common vulnerabilities, and best practices for ensuring data integrity and system reliability. Provide real-world examples to support your
answer.
Answer:
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________
________________________________________________________________________________________________

2. Quiz

1. What is the primary function of a database in a web c) FTP


application? d) SMTP
a) Store and manage data 10. What is the best way to handle database backups?
b) Execute scripts a) Backup only when a problem occurs
c) Render webpages b) Perform regular automated backups
d) Manage user interfaces c) Keep all data in a single file
2. Which of the following is NOT a type of database? d) Use weak encryption for backup files
a) Relational Database
b) NoSQL Database
c) XML Database
d) Front-end Database
3. What is the purpose of SQL in a database?
a) Secure web applications
b) Define and manipulate data
c) Optimize server performance
d) Encrypt user passwords
4. Which component of XAMPP is responsible for handling
database management?
a) Apache
b) MySQL
c) PHP
d) Perl
5. What security measure helps prevent SQL injection attacks?
a) Using parameterized queries
b) Allowing all user inputs
c) Disabling authentication
d) Running the database as root
6. Why is it important to regularly update server software?
a) To improve graphical interface
b) To patch security vulnerabilities
c) To increase disk space
d) To add more databases
7. What is the primary function of a firewall in web security?
a) Speed up the website
b) Prevent unauthorized access
c) Increase storage space
d) Optimize SQL queries
8. What command is used to retrieve data from a database?
a) INSERT
b) DELETE
c) UPDATE
d) SELECT
9. Which protocol is used to secure data transmission over the
internet?
a) HTTP
b) SSL/TLS

You might also like