Re: Hardening Apache on CentOS 7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



If your site(s) are simple enough, look into modsecurity for Apache web
servers.

Also, use either iptables or the built-in firewalld stuff on centos7 to
restrict in/outbound ports.



On 07/09/2017 12:01 PM, Nicolas Kovacs wrote:
> Hi,
>
> Some time ago one of my public servers (running Slackware64 14.0) got
> attacked and was misused to send phishing emails.
>
> This misadventure made me more concerned about security, so I spent the
> last few weeks catching up on security, reading docs about SELinux and
> how to use it, etc.
>
> I have a public sandbox server running CentOS 7, and I'm currently
> experimenting quite a lot with Apache and how to secure it. My approach
> is very much trial-and-error. I've started with these two articles:
>
> https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/
>
> https://www.tecmint.com/apache-security-tips/
>
> I've also discovered the Nikto vulnerability scanner, and I'm playing
> around with it.
>
> Besides all this, I'd be curious to know your approach in securing
> Apache, the tools you use, maybe the odd do's and don'ts, suggestions,
> some good books and/or online docs about the subject, etc.
>
> Cheers from the sunny South of France,
>
> Niki

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux