WebApp Sec mailing list archives
Re: secure Apache build question
From: Steve Suehring <csec () braingia org>
Date: Sun, 5 Sep 2004 22:02:18 -0500
Hello, Without knowing the final use of the servers (web hosting provider, business, etc): -Don't install extra modules for Apache. Only use those modules as are necessary for the server and related functions to run properly. -Check out mod_security -Install Apache into a chroot and apply the grsecurity patch. -Disable unnecessary services, keep software up to date, and everything else one would do to secure any type of server. -Consider deployment behind a reverse proxy. -Look out for scripting languages (take great care to secure them, etc). Steve =========================================================== = Steve Suehring, Editor - LinuxWorld Magazine = = GPG: 82CC 4404 4C45 4EE9 C5FF B373 C3E5 D2B7 25A8 2B8D = = Home Page: http://www.braingia.org/ = =========================================================== On Thu, Sep 02, 2004 at 08:02:28AM +0100, Haseeb Chaudhary wrote:
Hi All, I'm looking at building Apache web servers on Solaris and/or Linux. I've been assigned the task of ensuring the build is secure against known vulnerabilities and attack types. I'm a newbie to Apache and would greatly appreciate some links or advice on an easy way to securely build Apache web servers - hopefully in a scripted way. The webservers will eventually go into production and will be facing the internet. I expect to place them behind Arrowpoint load-balancers. All advice would really be appreciated! thanks inadvance, Haseeb
Current thread:
- secure Apache build question Haseeb Chaudhary (Sep 05)
- Re: secure Apache build question Steve Suehring (Sep 05)
- Re: secure Apache build question shawn (Sep 06)
- Re: secure Apache build question Ty Bodell (Sep 06)
- <Possible follow-ups>
- RE: secure Apache build question BĂ©noni MARTIN (Sep 06)