Linux Today: Linux News On Internet Time.

More on LinuxToday

PlanetIT: Emerging Technology: Maximizing Apache Server Security

Jul 19, 2000, 22:25 (0 Talkback[s])
(Other stories by Ramón Hontañón)

"The mind-boggling phenomenon that made the World Wide Web a household name has been fueled, in part, by the availability of a robust, fully functional, freely available HTTP server package. Apache, named for its origin as a patch to the original National Center for Supercomputing Applications (NCSA) HTTP implementation, is estimated to be utilized by over six million Web sites, including both commercial and educational installations."

"According to a recent survey conducted by Netcraft (www.netcraft.com), Apache accounts for roughly 60 percent of the Web servers in use today. Microsoft's Internet Information Server (IIS) is a distant second at 20 percent. As its popularity increases, the Apache Software Foundation (www.apache.org) remains focused on providing a full-featured, open source HTTP server, while also addressing the security needs of the enterprises that rely on the features exclusive to Apache."

"Apache's flexibility enables its core team to quickly implement new features and enhancements, creating a product that is substantially faster and more efficient than most of its competitors (including commercial products). However, does ?free? come at a price when it comes to security? It doesn't have to. The diligent network manager will quickly recognize the advantages of choosing a platform that is field-tested on more than six million Web servers and runs on 17 operating systems."

"However, the question still remains: Is Apache the most secure HTTP server available? The answer is simple: Apache can be made to be the most secure, and this article will show you how. Please note that I will concentrate on the Unix variant of Apache. While a Windows NT port is available, it has yet to reach the level of maturity currently enjoyed by the Unix version."

Complete Story

Related Stories: