LinuxQuestions.org - Hardening Apache

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - Hardening Apache (https://www.linuxquestions.org/questions/linux-security-4/hardening-apache-322109/)

XaViaR

05-10-2005 04:15 PM

Hardening Apache

Hello,

I would like some help hardening Apache. I plan on installing Apache 2.X from source, and I would like to know what is the best "jailing" method. I read about "mod_chroot" from http://core.segfault.pl/~hobbit/mod_chroot/ . Do you recommend that? What other mods can I use to help secure Apache.?

Would you recommend mod_security for Apache?

Thanks in advance for your help,

-X

xetra

05-14-2005 04:40 PM

heheheheheheh

Well, apache isn't very needy for 'hardening'. Ofcourse giving the 'nobody' user limited privileges and such. Also SSL is very useful. Not much else to secure besided looking at up to date apache httpd servers.

win32sux

05-14-2005 06:25 PM

yeah, mod_security is good for hardening the web applications you run on the server...

http://www.modsecurity.org/

something you could consider for hardening the server in general is to patch the kernel with:

http://www.grsecurity.net/

All times are GMT -5. The time now is 04:23 PM.