The World Wide Web Security FAQ

Lincoln D. Stein <>
Version 1.7.0, January 19, 1998

[down]Table of Contents Forward to Introduction >>

Webmasters: The Excite Web Search engine version 1.1 contains a security hole. See What's New.

Users: Internet Explorer 4.0 and 4.01 contains a serious security hole. See What's New.


The master copy of this document can be found at:
This document is updated every 2 to 4 weeks.

USA Mirrors

Western European Mirrors

Eastern European Mirrors

Asian Mirrors

Australian Mirror

You may mirror this document by copying and unpacking the following tar archive:
You should then set up a cron job to check this site at regular intervals and update your copy. You can use the w3mir program for this purpose. Please send me e-mail if you set up a mirror site in a country that isn't already a mirror sponsor so that I may add you to this list (more Pacific sites needed!).

You can also download this entire document as a ZIP archive:


  1. Introduction
  2. What's New?
  3. General Questions
  4. Running a Secure Server
  5. Protecting Confidential Documents at Your Site
  6. CGI Scripts
  7. Safe Scripting in Perl
  8. Server Logs and Privacy
  9. Client Side Security
  10. Specific Servers
  11. Bibliography

[down]Table of Contents Forward to Introduction >>

Lincoln D. Stein (
WWW Consortium

Last modified: Mon Jan 19 13:01:21 EST 1998