WebApp Sec mailing list archives
RE: secure Apache build question
From: Bénoni MARTIN <Benoni.MARTIN () libertis ga>
Date: Mon, 6 Sep 2004 10:04:32 +0100
Hi ! Well, to my opinion, securing a web server (Apache, IIS or whatever more) depends on your needs ! To start with (just to start :) ), you can try to launch Bastille Linux (freeware, http://www.bastille-linux.org) on your web server, it has a section about Apache and will help you to configure it. After...well, maybe go on through your httpd.conf, understand each option and set it according to your needs. -----Message d'origine----- De : shawn [mailto:pakkit () codepiranha org] Envoyé : lundi 6 septembre 2004 03:30 À : Haseeb Chaudhary Cc : webappsec () securityfocus com Objet : Re: secure Apache build question Haseeb Chaudhary wrote:
Hi All, I'm looking at building Apache web servers on Solaris and/or Linux. I've been assigned the task of ensuring the build is secure against known vulnerabilities and attack types. I'm a newbie to Apache and would greatly appreciate some links or advice on an easy way to securely build Apache web servers - hopefully in a scripted way. The webservers will eventually go into production and will be facing the internet. I expect to place them behind Arrowpoint load-balancers. All advice would really be appreciated! thanks inadvance, Haseeb
SecurityFocus had an article recently about just that: http://www.securityfocus.com/infocus/1694 Apache is a fairly complex piece of software and everyone tends to configure it differently but the article may get you started... sd
Current thread:
- secure Apache build question Haseeb Chaudhary (Sep 05)
- Re: secure Apache build question Steve Suehring (Sep 05)
- Re: secure Apache build question shawn (Sep 06)
- Re: secure Apache build question Ty Bodell (Sep 06)
- <Possible follow-ups>
- RE: secure Apache build question Bénoni MARTIN (Sep 06)