Apache Security Configuration

Apache Web Server Security Configuration…

Login

Blog History

Apache Web Server Security Configuration
If you are thinking of moving to a self managed service one of the really important things is that you think heavily about security, especially of anything exposed to the web.

If you have apache running then it's crucial to have something that is sniffing your incoming requests and knocking anything that doesn't look right on the head.
Mod Security: http://www.modsecurity.org/
Some patterns for Mod Security to use: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project

Listing Currently Install DSO (Dynamic Shared Objects)

apachectl -t -D DUMP_MODULES

The purpose the above command is to allow you to identify and weed out any modules that are not absolutely required for your particular web applications to run.

Getting some process separation using SUEXEC (SLOW)
http://blog.stuartherbert.com/php/2007/12/18/using-suexec-to-secure-a-shared-server/
You may need this so that you can further enforce the separation between web sites by having them served as different users.

A Better Way Using fcgid
http://blog.stuartherbert.com/php/2008/10/07/can-you-secure-a-shared-server-with-php-fastcgi/

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.