Re: Recommendation for Apache security book

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Check out the NIST and DISA checklist and STIG docs, they are good places to start - their checks are based on industry best practices and Apache httpd CVEs.

http://iase.disa.mil/stigs/downloads/zip/unclassified_web_srr_checklist_apache_v6r1-12_20100423.zip

http://iase.disa.mil/stigs/app_security/web_server/u_apache_2.2_unix_v1r4_stig.zip

Thank the US tax payers =)

Regards,

Steve



On Fri, May 30, 2014 at 12:31 PM, Felix Almeida <Felix.Almeida@xxxxxxxxxxxxxx> wrote:

Hello,

 

I was assigned with the task of preparing a security policy for Apache HTTP servers in my company and, despite I have a few years of experience with it (mostly v2.2), I’d like to have a more formal reference material on which I could base the policy.

 

Please, is there any good (and not so old) book on Apache security out there that you would recommend?

 

I know there is a lot of information on this subject on the net, but as far as I could see they only cover the basics like not using privileged ID, locking down the binaries, logs and directories, .htaccess files, not allowing CGI scripts, etc., which I already know. I’m looking for a book that could cover the basics plus more advanced configurations, again mainly for v2.2 and perhaps also for 2.4.

 

Thank you!!

 






This communication is confidential. We only send and receive email on the basis of the terms set out at www.rogers.com/web/content/emailnotice



Ce message est confidentiel. Notre transmission et réception de courriels se fait strictement suivant les modalités énoncées dans l’avis publié à www.rogers.com/aviscourriel


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux