Securing Apache 2: Step-by-Step
This article shows how to install and configure Apache 2.0 to minimize the risk of unauthorized access or successful break-in, even if new security vulnerabilities in Apache web server are found. Thus, it will be possible to enjoy the new features of Apache 2.0 without worrying too much about its security bugs, regardless if they are only imaginary, or are in fact real and serious threats.
Read the Article
|
Securing Apache: Step-by-Step
This article shows in a step-by-step fashion, how to install and configure the Apache 1.3.x Web server in order to mitigate or avoid successful break-in when new vulnerabilities in this software are found.
Read the Article
|
Using User Authentication
There are two ways of restricting access to documents: either by the hostname of the browser being used, or by asking for a username and password. The former can be used to, for example, restrict documents to use within a company. However if the people who are allowed to access the documents are widely dispersed, or the server administrator needs to be able to control access on an individual basis, it is possible to require a username and password before being allowed access to a document. This is called user authentication.
Read the Article
|
DBM User Authentication
If you want to use DBM format files with Apache, you will need to make sure it is compiled with DBM support. By default, Apache cannot use DBM files for user authentication, so the optional DBM authentication module needs to be included. Note that this is included in addition to the normal user authentication module (which uses plain text files, as explained in the previous article). It is possible to have support for multiple file formats compiled into Apache at the same time.
Read the Article
|
Using Apache with suexec on Linux
The Apache Web server, like most if not all of the others in common use today, lets you execute arbitrarily complex operations through the use of CGI scripts. These can involve database lookups, system administration functions, real-time control of machinery, online payments, or almost anything else of which you can think.
Read the Article
|
Security and Apache: An Essential Primer
The specific attack type in question cannot be stopped by Apache, even though it may be aimed at the Web site. Apache is just a software application running on the system; these attacks are aimed at the systems themselves. But for less extreme cases, Apache's implementation of the Web security mechanisms, when properly implemented, should be more than adequate to protect your sensitive pages from exposure.
Read the Article
|
Apache 2 with SSL/TLS: Step-by-Step, Part 1
This article begins a series of three articles dedicated to configuring Apache 2.0 with SSL/TLS support, in order to ensure maximum security and optimal performance of secure web communication. This part introduces key aspects of SSL/TLS and then shows how to compile and configure Apache 2.0 with support for these protocols.
Read the Article
|
Apache 2 with SSL/TLS: Step-by-Step, Part 2
Part two of the Apache2 with SSL/TLS series offers mod_ssl recommendations and then discusses three different ways to sign a certificate, including setting up a local Certificate Authority using OpenSSL.
Read the Article
|
Apache 2 with SSL/TLS: Step-by-Step, Part 3
This article concludes our three part series dedicated to configuring Apache 2.0 with SSL/TLS support, for maximum security and optimal performance of SSL based e-commerce transactions.
Read the Article
|
