The World Wide Web Security FAQ

Lincoln D. Stein <>
Version 2.0.0, December 20, 1998

[down]Table of Contents Forward to Introduction >>


Your Web site's frames can be hijacked to display unauthorized content. See What's New for details.

Do your part to keep the WWW Security FAQ up to date. See below for submitting corrections and updates.


The master copy of this document can be found at

See this page for a listing of mirror sites or if you are interested in becoming a mirror site yourself.


  1. Introduction
  2. What's New?
  3. General Questions
  4. Running a Secure Server
  5. Protecting Confidential Documents at Your Site
  6. CGI Scripts
  7. Safe Scripting in Perl
  8. Server Logs and Privacy
  9. Client Side Security
  10. Specific Servers
  11. Bibliography

Corrections and Updates

I welcome bug reports, updates, reports about broken links, comments and outright disagreements. Please send your comments to Please make sure that you are referring to the most recent version of the FAQ (maintained at; someone else might have caught the problem before you.

Please understand that I maintain the FAQ on a purely voluntary basis, and that I may fall behind on making updates when other responsibilities intrude. You can help me out by making an attempt to identify replacement links when reporting a broken one, and by suggesting appropriate rewording when you have found an error in the text. Suggestions for new questions and answers are welcomed, particularly if you are willing to contribute the text yourself. ;-)
[down]Table of Contents Forward to Introduction >>

Lincoln D. Stein (
WWW Consortium

Last modified: Sun Dec 20 15:34:34 MET 1998