Apache security(static compile,jail,obscurity...etc)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Everyone

I was wondering how far you guys go in terms of security. I'm mainly interested in response from people running apps that deal with sensitive data, like credit cards. Do you disable all unneeded modules, compile from source and statically compile every needed module, disabling mod-so? Or is a sudo apt-get apache2 generally good enough for you? Do you jail your apache, if so is internal jailing good enough or do you use external jailing. There are easy steps for security of course, obscuring security information, making sure apache doesn't run as root, etc. Any advice/opinions on this topic would be appreciated. I tend to be extremely paranoid when it comes to a web server and security and its tough to not let the issue consume all your time.

Thanks
AFrieze

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux