Apache Security Configuration

Written by James McDonald

August 27, 2011

Apache Web Server Security Configuration
If you are thinking of moving to a self-managed service, one of the really important things is to think hard about security, especially for anything exposed to the web.

If you have Apache running then it’s crucial to have something that is sniffing your incoming requests and knocking anything that doesn’t look right on the head.
ModSecurity: http://www.modsecurity.org/
Some patterns for ModSecurity to use: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project

Listing Currently Installed DSOs (Dynamic Shared Objects)

apachectl -t -D DUMP_MODULES

The purpose of the above command is to let you identify and weed out any modules that are not absolutely required for your particular web applications to run.
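
One way to turn that listing into a review, as an added example that is not from the original post: the script reads DUMP_MODULES output and prints the shared modules that are missing from an allowlist. The sample output and the allowlist are constructed for illustration, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag loaded shared modules (DSOs) that are not on an allowlist.

# Constructed sample of `apachectl -t -D DUMP_MODULES` output (not from a real host).
sample_dump() {
cat <<'EOF'
Loaded Modules:
 core_module (static)
 mpm_prefork_module (static)
 http_module (static)
 so_module (static)
 authz_host_module (shared)
 dir_module (shared)
 mime_module (shared)
 status_module (shared)
 autoindex_module (shared)
 userdir_module (shared)
 php5_module (shared)
Syntax OK
EOF
}

# Assumed allowlist (space separated); build yours from what your applications need.
REQUIRED_MODULES="authz_host_module dir_module mime_module php5_module"

# Read DUMP_MODULES output on stdin; print shared modules not in the allowlist ($1).
# Static modules are compiled in and cannot be dropped from the config, so skip them.
unneeded_modules() {
    allow=" $1 "
    while read -r name kind; do
        # Header, footer and static entries never have "(shared)" as second field.
        [ "$kind" = "(shared)" ] || continue
        case "$allow" in
            *" $name "*) ;;                  # required, keep it
            *) printf '%s\n' "$name" ;;      # candidate: review its LoadModule line
        esac
    done
}

# On a live server:
#   apachectl -t -D DUMP_MODULES 2>&1 | unneeded_modules "$REQUIRED_MODULES"
sample_dump | unneeded_modules "$REQUIRED_MODULES"
```

Each name printed is a module whose LoadModule line is worth reviewing; run `apachectl -t` again after commenting one out to confirm the configuration still parses.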

Getting some process separation using SUEXEC (SLOW)
http://blog.stuartherbert.com/php/2007/12/18/using-suexec-to-secure-a-shared-server/
You may need this so that you can further enforce the separation between web sites by having them served as different users.

A Better Way Using fcgid
http://blog.stuartherbert.com/php/2008/10/07/can-you-secure-a-shared-server-with-php-fastcgi/
