“With millions of computers worldwide connected onto a
common backbone, software installation is no longer a “plug and
play” affair. This is especially true of software designed to serve
documents on the Web. It is not possible to merely sit back and
enjoy the benefits of running Web-enabled software. Instead,
one must be proactive in ensuring that the software, and the
information it gathers, remains secure, uncorrupted and to the best
extent possible, incorruptible. Nowhere is this more true than for
e-commerce software, such as AllCommerce.”

“There is no best way to do this except to be paranoid about
every detail, pay attention to security alerts and trust no one.
Fortunately, Apache has some recommendations. Here is how to put
them in practice for AllCommerce.”

“The basic procedure is to start by nailing *everything* down to
the most secure configuration. Then, as needed, enable individual
capabilities. Let’s start with the Apache server file ownership and
permissions.”