Hi there, I am currently working on a project to create my own HTTP server using Java. The server is working great for generating headers and serving content from the machine. Now that I have the thing working, what are some security measures that I should put in place? Basically I have a ServerSocket on port 80 that will allow multiple clients to connect, and I use synchronized threads to serve content from a database based on the request headers that are sent. Pretty much what you would expect...

So what steps should I take to make sure that this server is running securely? Is it possible that someone could send commands through this socket or something similar? In other words, I want to make sure that this server is ONLY used for HTTP purposes, so I want it to be open to anyone, but I don't want anything malicious to get through.
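
For the setup described in the question (a `ServerSocket`, worker threads, a database lookup driven by the request), the sketch below is an added example, not the poster's code: it bounds what a connection may send, accepts only a well-formed `GET` request line, and treats the request target purely as data. The class name, limits, pool size and port 8080 are assumptions.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.util.concurrent.*;
// Added example: class name, limits, pool size and port are assumptions.
public class StrictHttpFront {
    static final int MAX_LINE = 2048; // assumed cap on any request or header line
    // Read one LF-terminated line (optional CR stripped); refuse oversized or truncated input.
    static String readLine(InputStream in) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        for (int b; (b = in.read()) != -1; ) {
            if (b == '\n') {
                String s = buf.toString(StandardCharsets.US_ASCII);
                return s.endsWith("\r") ? s.substring(0, s.length() - 1) : s;
            }
            if (buf.size() >= MAX_LINE) throw new IOException("line too long");
            buf.write(b);
        }
        throw new EOFException("closed before end of line");
    }
    // Return the request target only for "GET /path HTTP/1.x"; anything else yields null.
    static String parseTarget(String line) {
        String[] p = line.split(" ", -1);
        if (p.length != 3 || !p[0].equals("GET")) return null;
        if (!p[2].equals("HTTP/1.1") && !p[2].equals("HTTP/1.0")) return null;
        if (!p[1].startsWith("/") || p[1].contains("..")) return null;
        for (char c : p[1].toCharArray()) if (c <= 0x20 || c >= 0x7f) return null;
        return p[1];
    }
    static void handle(Socket s) {
        try (s) {
            s.setSoTimeout(5000); // a silent client cannot hold a thread forever
            InputStream in = new BufferedInputStream(s.getInputStream());
            String target = parseTarget(readLine(in));
            for (int i = 0; target != null && !readLine(in).isEmpty(); i++)
                if (i >= 64) throw new IOException("too many headers");
            // target is only a lookup key: bind it as a PreparedStatement parameter.
            // The empty 200 below stands in for the database-backed response.
            String status = target == null ? "400 Bad Request" : "200 OK";
            s.getOutputStream().write(("HTTP/1.1 " + status
                    + "\r\nContent-Length: 0\r\nConnection: close\r\n\r\n").getBytes(StandardCharsets.US_ASCII));
        } catch (IOException e) { /* timeout, oversized or truncated input: drop */ }
    }
    public static void main(String[] args) throws IOException {
        ExecutorService pool = Executors.newFixedThreadPool(32); // at most 32 handlers at once
        try (ServerSocket server = new ServerSocket(8080)) {     // assumed test port
            while (true) { Socket c = server.accept(); pool.execute(() -> handle(c)); }
        }
    }
}
```

Bytes arriving on the socket are only ever parsed as text and compared against fixed strings, so nothing a client sends is executed; the remaining exposure is in how the validated target is used, which is why it is passed to the database as a bound parameter rather than concatenated into a query.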