Hi,
Some time ago one of my public servers (running Slackware64 14.0) got
attacked and was misused to send phishing emails.
This misadventure made me more concerned about security, so I spent the
last few weeks catching up on security, reading docs about SELinux and
how to use it, etc.
I have a public sandbox server running CentOS 7, and I'm currently
experimenting quite a lot with Apache and how to secure it. My approach
is very much trial-and-error. I've started with these two articles:
https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/
https://www.tecmint.com/apache-security-tips/
I've also discovered the Nikto vulnerability scanner, and I'm playing
around with it.
Besides all this, I'd be curious to know your approach in securing
Apache, the tools you use, maybe the odd do's and don'ts, suggestions,
some good books and/or online docs about the subject, etc.
Cheers from the sunny South of France,
Niki
--
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Web : http://www.microlinux.fr
Mail : info@xxxxxxxxxxxxx
Tél. : 04 66 63 10 32
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
