Apache Security - Ivan Ristic [210]
backdoors, Static Binary or Dynamic Modules
chroot (jail), Putting Apache in Jail (see chroot)
chroot(2) patch, Using the chroot(2) Patch
clients, limiting, Setting Server Configuration Limits
configuration and hardening, Configuration and Hardening, Setting Up the Server User Account, Setting Apache Binary File Permissions, Configuring Secure Defaults, Options directive, AllowOverride directive, Enabling CGI Scripts, Logging, Setting Server Configuration Limits, Preventing Information Leaks, Changing Web Server Identity
AllowOverride directive, AllowOverride directive
binary file permissions, Setting Apache Binary File Permissions
CGI scripts, enabling, Enabling CGI Scripts
email address, turning off, Preventing Information Leaks
information leaks, preventing, Preventing Information Leaks
logging, Logging
Options directive, Options directive
root sole write access, Setting Apache Binary File Permissions
secure defaults, Configuring Secure Defaults
server configuration limits, Setting Server Configuration Limits
server identity, changing, Changing Web Server Identity
server user accounts, Setting Up the Server User Account
connection timeout, Setting Server Configuration Limits
-DBIG_SECURITY_HOLE compile option, Per-request change of Apache identity
documentation, Installation and Configuration
installation, System-Hardening Matrix, Installation and Configuration, Installation, Source or Binary, Downloading the source code, Downloading patches, Static Binary or Dynamic Modules, Folder Locations, Installation Instructions, Testing the installation, Selecting modules to install
binary or source, Source or Binary
documentation, Installation and Configuration
folder locations, Folder Locations
module selection, Selecting modules to install
modules, default activation list, Selecting modules to install
patch download, Downloading patches
procedures for, Installation Instructions
source code download, Downloading the source code
static binary or dynamic modules, Static Binary or Dynamic Modules
system-hardening matrix for planning, System-Hardening Matrix
testing of, Testing the installation
jail, Putting Apache in Jail (see chroot)
module repository, Access Control in Apache
mod_parmguard module, Deploying positive security model protection
MPMs, Setting Server Configuration Limits
options, adding and removing, Options directive
PHP integration functions, Running PHP as a Module
Slapper Worm, Putting Apache in Jail
SSL, Apache and SSL, Installing mod_ssl, Generating Keys, Generating a Certificate Signing Request, Configuring SSL, Supporting broken SSL clients, Securing the server private key, Ensuring reliable SSL startup, Preventing configuration mistakes
broken SSL clients, Supporting broken SSL clients
certificates, signing, Generating a Certificate Signing Request
configuring, Configuring SSL
directives, Configuring SSL
keys, generating, Generating Keys
mod_ssl, installing, Installing mod_ssl
non-SSL content, Preventing configuration mistakes
reliable startup, Ensuring reliable SSL startup
server private key, Securing the server private key
session issues, Preventing configuration mistakes
SSO, Simple Apache-Only Single Sign-on
apache-protect brute-force DoS tool, Brute-Force Attacks
application logs, Application Logs
apxs third-party module interface tool, Using PHP as a Module
architectures, Network Design (see network architectures)
Argus network monitoring tool, Network Monitoring
assessment, Security Definitions
security phase, Security Definitions
asymmetric (public-key) encryption, Asymmetric Encryption, How It All Falls into Place, OpenSSL Benchmark Script
(see also public-key cryptography)
attack surface, Common Security Vocabulary