Five ways to help secure Apache on Linux
Jul 14, 2009, 13:01 (0 Talkback[s])
(Other stories by Jack Wallen)
"With that said, let’s get our Apache security on!
"1. Update, update, update! One of the biggest no nos Linux
administrators make is to “set it and forget it”. This
should not be your standard policy. There are always updates that
close new holes and patch security flaws. This holds true for
Apache as much as it does any other system or application. Keep
watch, using your normal means of update, for any security update
for Apache or any constituent component you have installed. By
doing this you will ensure your web server is safe from any new
known issues.
"2. Disable modules you do not use. If you check the Apache
configuration file. Most often this file is called httpd.conf and
its location will depend upon what distribution you are running
(For example CentOS has this file in /etc/httpd/conf/ whereas
Ubuntu locates it in /etc/apache2). If you examine that file you
will see quite a few modules listed. These modules will look
like:"
Complete Story
Related Stories:
- What is new with Apache Pivot?(Jul 07, 2009)
- Can you see Glassfish as the new Apache?(Jul 07, 2009)
- Apache attacked by a "slow loris"(Jul 06, 2009)
- Getting Started with URL Rewriting with Apache(May 30, 2009)
- Why are you not running Apache? New IIS holes should make you rethink your web server(May 20, 2009)
- Apache's Ongoing Licensing Bout with Sun(Mar 17, 2009)
- Subdomain Redirection Using htaccess And mod_rewrite On Apache For Linux Or Unix(Feb 28, 2009)
- Creating Custom Error Pages on Apache Servers(Feb 21, 2009)
- Dynamic Robots.txt Rules for Apache Security(Feb 06, 2009)
- 3 Apache/httpd Command-Line Options(Feb 03, 2009)
- Apache Basics, Visited(Jan 29, 2009)
- Apache Security: A Watched Bot Never Spoils (Your Server)(Jan 28, 2009)
