Web Server Protection Learning Path

Learn how to implement and monitor the security of a web server or web application. This series of web server training courses focuses on foundational web server security concepts and tools to help prepare you for various real-world situations and technologies. Comprehensive resources teach you to actively look at attacks on a web server or web application and implement countermeasures.

20 hours, 7 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    20 hours, 7 minutes

  • Assessment


About Web Server Protection

The Web Server Protection Learning Path helps you learn the basic concepts and tools to design, evaluate and monitor your web server.

You begin with necessary networking and infrastructure concepts, allowing you to apply those concepts to your platform's design, preparation and installation. As you progress through nine web server security courses, you build defense-in-depth skills that allow you to design or improve your server protection platform defenses and implement and maintain a monitoring strategy that fits your business needs.

Who is this learning path for?

A security expert designed this series of web server courses to ensure new hires have the knowledge and hands-on skills to perform on the job. They are for anyone who manages and wants to learn skills. This includes:


By the end of this learning path, you will understand:

  • Hardening networks, hosts, web servers and applications
  • Implementing web server controls
  • Using command-line utilities to test web servers and extract logs
  • Maintaining an efficient web application firewall configuration
  • Deploying active defense mechanisms



Web Server Protection Skill Assessment

Assessment - 53 questions

Introduction to the Web

Course - 01:58:00

This course provides a brief review of the history of the internet and how it leverages IP for routing, TCP for message delivery, DNS for domain name translation, and HTTP and HTTPS protocols for exchanging messages between clients and servers. Improve or refresh your knowledge of the TCP/IP suite, HTTP and TLS.
Infrastructure Components

Course - 02:18:00

This course introduces diverse infrastructure components and how those components are used to provide web server services. You'll refresh or expand your knowledge of web servers, the cloud, content delivery networks, firewalls, load balancers, web application firewalls, intrusion detection systems and file integrity monitoring.
Preparation - Design Considerations

Course - 01:09:00

This course covers the N-tier design advantages and the considerations and impact of diverse business requirements to the implementation of a web server. You'll learn the CIS security controls, the CIS controls types and the implementation groups for the purpose of easing its adoption and monitoring.
Preparation - Hardening

Course - 02:19:00

In this course you'll learn how different components require hardening and what elements are involved in the hardening of network, host, web server and application to secure the web server. You'll review some of the tools that can help to verify or audit the correct implementation of secure configurations.

Course - 01:43:00

This course covers the meaning of some of the fields available in the different web servers and the different types of logs available. You'll learn how to customize the log format in Apache, NGINX, IIS, ModSecurity and HAProxy in order to have the information relevant to your particular use case available in the logs.
Command Line

Course - 02:19:00

This course highlights some of the features on command-line utilities available on most distributions and how to use those tools for testing the web server state, performing transactions, finding and extracting info from the logs, generating basic reports, and if required, decoding the data from various formats. You'll also review some of the CyberChef web application capabilities related to visualizing and decoding data.
Web Application Firewalls

Course - 01:58:00

This course covers the different types of configurations of a WAF and how to maintain an efficient WAF configuration. You'll explore the components of the ModSecurity rules and the protections against the different types of attacks available from the OWASP core ruleset. You'll also learn the capabilities and limitations of virtual patching using a WAF.

Course - 02:40:00

Learn about the considerations for planning a web server platform for monitoring and log collection, as well as the importance of time synchronization and identifying characteristics of what normal is in a web application in order to leverage that knowledge for identifying anomalies. The course also includes an introduction to Security Onion and network security monitoring and how to use it to monitor the webserver traffic. You'll also learn considerations for setting up good alerts.
Active Defense

Course - 00:52:00

This course covers some of the active defense alternatives that allow the web server to prevent and delay attacks. You'll learn the basic fail2ban configuration files and how to configure fail2ban to actively identify patterns on the logs in order to monitor ModSecurity anomalies and errors, blocking traffic at the network level.

Meet the author

Manuel Leos Rivas

Manuel Leos Rivas earned a bachelor’s degree in Business Administration and Computer Systems Engineering at the Universidad Autónoma de Nuevo Leon in Mexico and a Master of Science in Information Security Engineering with focus on Incident Response at the SANS Technology Institute. He holds over 50 cybersecurity-related certifications from GIAC, CompTIA, isc2, and AWS, among others.

Manuel has worked in cybersecurity for over 20 years in four different countries. He started his career in IT/Information security in 2000 as Network and Firewall Administrator in Mexico. Later in 2007, he switched to information security as Security Analyst and compliance coordinator.

In 2011, he started working for Gemalto (now Thales DIS). Gemalto relocated Manuel to France as Solution Security Expert and a few years later to Canada to work as Cloud Security Engineer for Gemalto. At Gemalto, Manuel managed ModSecurity Web Applications Firewalls protecting over a thousand websites and applications. He implemented hardening and multiple SIEMs in highly secured environments for large multinational companies in diverse sectors like banking and mobile network operators.

Since 2016, Manuel has committed part of his time to improving the OWASP ModSecurity Core Rule Set as one of the OWASP CRS developers and contributed numerous improvements to the project.

AWS Canada hired Manuel in 2019 as Cloud Security Architect to provide professional services to Public Sector companies, including government, education, health, insurance, and power utilities.

In 2021 Manuel relocated to the United States of America to work for Backblaze as Cloud Security Architect.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo