Results 1 to 4 of 4

Thread: Apache security

  1. #1

    Apache security

    Hello all: In an earlier post I asked a Q: which logs do I watch when I take my web site prime time? Besides watching the access.log and theerror.log what else do I need to be aware of when I do take the site to the web? I have a firewall installed blocking unused ports only port 80 is visible doing a LANguard scan. Ideas? Thanks, always LearninLinux... ;D

  2. #2

    Re: Apache security

    Hello, It sounds like you're on the right track here. If you don't mind reading alittle, This article has some up to date, good info on apache security.

    System security is also important. Just make sure you're not running any services you don't absolutley need and keep your box as up-to-date as you can with the latest packages and patches.
    Firewalling is good but is only one part of "security" plan. I personally like the iptables/portsentry/snort/chkrootkit configuration. There's a very good portsentry PET on this board and the rest can be found with a quick google search. Chkrootkit can also be run from cron if you wish. As far as scanners go, get yourself a copy of Nmap if you don't already have one. It's very useful for finding weaknesses in your firewall. There's alot of other technologies out there too like tripwire, LIDS, nessus, etc...It depends on how far you want take this whole "security thing" ;D
    I don't know how many computers you have, but if you have a couple, maybe consider running your web server on a different box than your firewall box for added security and put the web server in a DMZ.

  3. #3

    Re: Apache security

    Hello stix: I had figured the firewall was not all that would need, a little more knowledge of the linux system for sure! I am also in the process of learning tethereal, nmap, snort and few other net tools. the web is a great source of info, but the sites like this one are a little more personal. LOL, full of personalities. ;D thanks for the link to the info, always LearninLinux...

  4. #4

    Re: Apache security

    I am also in the process of learning tethereal
    Yep, That's a really good one to analyze your network traffic. I use it's GUI brother Ethereal. I like the fact that it's easy to reassemble your TCP data streams for your reading enjoyment ;D

Similar Threads

  1. Security
    By jj0493 in forum Windows - General Topics
    Replies: 1
    Last Post: 01-14-2007, 04:24 AM
  2. security
    By Chrismmm in forum Windows - General Topics
    Replies: 1
    Last Post: 07-06-2005, 08:57 PM
  3. PC Security
    By Ishtar in forum Windows - General Topics
    Replies: 5
    Last Post: 02-17-2005, 11:12 PM
  4. Your Security
    By Ashcrow in forum Linux - Software, Applications & Programming
    Replies: 9
    Last Post: 06-10-2002, 03:05 AM
  5. Apache user for cgi scripts/best security
    By Blaqb0x in forum Security
    Replies: 2
    Last Post: 04-24-2002, 03:23 AM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts