Re: Linux Web Server Hardening (LAMP + Wiki)

[Joerg Stephan <johe.stephan () ymail com>]

> Don't use Linux. It is insecure. Use Windows or one of the BSDs.
> All are much more secure.


Hi there,

so this is really your opinion?

All security issues are mostly against the running service not the os itself and the service didnt change if you use a 
different OS, on BSD systems it is handwork needed to run the update, most linux OSes have a autoupdate feature.  
Therfore you should take a look at hardening the components like 

* Apache : mod_security, su_exec, etc, maybe you wanne chroot the whole webservice ( or jail it)
* MySQL: set listening address to localhost only
* php: use stable release 

On Ubuntu (for example) you should use auto updates for critical security updates and try to use the mediawiki from the 
repository.

General on Linux system you should use a firewall and let services listen only to local ip addresses.

Regards? 

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------