You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jey <je...@rogers.com> on 2003/02/06 02:40:06 UTC
[users@httpd] Securing Apache
How can I do the following in Windows 2000 server running Apache?
Running Apache as a non root/admin.
Ensuring that only Apache user has Read access to the Web content.
Protect files and directories from modification by users other than root/admin.
Protect against access to server files by blocking default access.
Thanks.
Re: [users@httpd] Securing Apache
Posted by "J. Greenlees" <ja...@x-mail.net>.
Quoting Jey <je...@rogers.com>:
> How can I do the following in Windows 2000 server running Apache?
>
> Running Apache as a non root/admin.
> Ensuring that only Apache user has Read access to the Web content.
> Protect files and directories from modification by users other than > root/admin.
> Protect against access to server files by blocking default access.
>
> Thanks.
1) well not sure about that with win2k
2) you may want to make the web folder world readable, and only sysadmin/apache
writable instead of only apache user readable.
3) to stop any but admin from altering files, make them writable only by admin
4) that is the default with apache.
-------------------------------------------------------------------------------------------
***Protect your PC from local E-Mail Application security holes***
***Maintain your Privacy - Passport Free***
***Anti SPAM "Whitelist" feature***
http://www.x-mail.net Web Based E-Mail, accessible anywhere
Voice Messages, Voice Calls, Live Chat, X-Mail Messenger,
Personal Web Hosting, 128 bit SSL Secure, Calendar, Bookmarks,
Forwarding, Virtual Mail Map Aliasing
X-Mail Premium: 20MB Messages, 100MB Storage, POP3, Ad Free
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org