« Previous 1 2 3 4
Harden your Apache web server
Batten the Hatches
Conclusions
Sophisticated configuration, timely updates, and well-thought-out security concepts cannot be implemented in the blink of an eye; instead, they require the admin's constant attention. If you follow all the tips in this article on securing your web server, you will not have to worry too much – the floodgates will be leak-tight.
Infos
- Announce mailing list: http://httpd.apache.org/lists.html#http-announce
- Apache Core functions: https://httpd.apache.org/docs/2.4/en/mod/core.html
- Upgrading to 2.4 from 2.2: https://httpd.apache.org/docs/2.4/upgrading.html
- Mozilla HTTP Observatory: https://observatory.mozilla.org/
- Mozilla SSL Configuration Generator: https://ssl-config.mozilla.org
- TLS Checklist Inspector: http://tls-check.de
- SSL Labs: https://www.ssllabs.com
- German cryptographic guidelines: https://www.bsi.bund.de/EN/Topics/Cryptography/CryptoGuidelines/crypto_guidelines_node.html
- Core Rules protections: https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-Frequently-Asked-Questions-(FAQ)#what-attacks-do-the-core-rules-protect-against
« Previous 1 2 3 4
Buy this article as PDF
Express-Checkout as PDF
Price $2.95
(incl. VAT)
(incl. VAT)