LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Apache chrooted? (http://www.linuxquestions.org/questions/linux-server-73/apache-chrooted-692458/)

clau_bolson 12-23-2008 06:05 AM

Apache chrooted?
 
Hi,
five years ago I installed an Apache server in a chroot jail.
I am installing a new server now, on CentOS 5.2.
Apache version is 2.2.3
Trying to find a tutorial on how to chroot Apache on CentOS or RHEL, I can't find any!

Chrooting Apache is not used anymore?
Is there a better way to do the job?
Is it recommended, anyway?
Thanks.

rweaver 12-23-2008 08:08 AM

Quote:

Originally Posted by clau_bolson (Post 3384955)
Hi,
five years ago I installed an Apache server in a chroot jail.
I am installing a new server now, on CentOS 5.2.
Apache version is 2.2.3
Trying to find a tutorial on how to chroot Apache on CentOS or RHEL, I can't find any!

Chrooting Apache is not used anymore?
Is there a better way to do the job?
Is it recommended, anyway?
Thanks.

What you're probably looking for is information on libapache2-mod-security. There are tutorials and documentation available on the web and of course additional information is available at http://www.modsecurity.org/ (much easier to find when you know what to look for.)

I generally run apache as a standard user who has very limited access with suphp and suexec. So that each users scripts are owned by them and execute with their (very limited) privileges. It also lets me make sure that nothing nefarious is being done outside of my /var/www directory.

When I move into the future with my new server setup I'll most likely update to either mod security or look at a slightly different setup. This, however, has worked well so far.

Chrooting apache on any given flavor of linux isn't significantly different, so a debian tutorial is going to largely be similar to a redhat tutorial except for the rpm/deb commands.


All times are GMT -5. The time now is 10:36 AM.