Top 7 Ways For A More Secure Apache System
Top 7 Ways For A More Secure Apache System
Apache HTTP is one of the most widely used Web server software in the world today, with more than 100 million Web sites using it. And because it is open source, it is a very dynamic and has become a robust Web server it is today. What is more, it is free to download and use. It is no wonder than more than half of all Web sites are using Apache!
Here are the top 7 tips for Apache security:
1. Keep it updated.
Like everything else on your system like anti-virus software and Web servers, you would need to keep it updated to ensure that all security issues that are found after the release is plugged and secured. You can subscribe to the Apache HTTP Announcements List by e-mailing announce-subscribe@httpd.apache.org to keep on top of new versions or patches.
2. Restrict permissions to root where applicable
Apache is most often started by the root user, so you should ensure that every command that is executable only by root users should not be modifiable by non-root users. This rule applies not only to commands but also to files, directories and parents.
3. Enable suexec
Enabling suexec can isolate the potential damage created by a SSI file or even a CGI Script.
4. Do not enable server side includes for .html files
Server side includes or SSI can increase the load on your server. This is because Apache parses EVERY SSI-enabled files. Therefore, if you enable SSI for ordinary html files, it would mean that Apache would parse every Web page on your server. It is better to assign a different extension for SSI, like using .shtml instead of .htm or .html.
5. Use only CGI scripts from authors you trust.
CGI Script writers can often create CGI scripts or programs that have security holes in it. When you are using CGI scripts, you should be wary that these scripts can run commands that can use the permissions of the user. Also these security holes can create ways with which hackers can attack your system.
6. Stop other people users from creating .htaccess files.
.htaccess files can enable users to override security features you specified, so it might be best to protect your system settings by not allowing overrides in your server configuration files. A simple “Allowoverride none” code in the section of your config file could prevent the utilization of .htaccess files.
7. Use a Web Application Firewall
Now that you have a robust and secure system, an added level of protection is to use a Web application firewall that can filter out unwanted data that you receive on your Web site. The Web application firewall can prevent you from getting viruses, malware and can thwart attempts to exploit vulnerabilities on your system by simply dropping or blocking out these content on data packets you receive.
Information Security Consultant
Article from articlesbase.com
Find More CGI Scripting Articles
Incoming search terms:
- top apache security problems
Related posts:
- apache ant free download
- download lots of actionscript, asp.net,C sharp,C++, visual C++, algorithm and data structure, bsd, java, css, html, javascript,php, mysql, xml, apache
- Secure use of cookies
- Some tricks for apache security
- Secure ASP DOT NET coding practice for three most critical vulnerabilities in Web Application
Leave a Reply