[users@httpd] Is there any way to encrypt/obfuscate apache conf files

["Bhattacharya, Sudip" <su...@genpact.com>]

Hi All,

Is there any way to obfuscate/encrypt conf files in Apache?

I have put my configuration entries in a separate config file, and am including it in the main httpd.conf file.

My requirement is to encrypt/obfuscate only my custom conf file.

Regards,
Sudip


This e-mail (and any attachments), is confidential and may be privileged. It may be read, copied and used only
by intended recipients. Unauthorized access to this e-mail (or attachments) and disclosure or copying of its 
contents or any action taken in reliance on it is unlawful. Unintended recipients must notify the sender immediately 
by e-mail/phone & delete it from their system without making any copies or disclosing it to a third person.

Re: [users@httpd] Is there any way to encrypt/obfuscate apache conf files

[Pete Houston <ph...@openstrike.co.uk>]

Hello Sudip,

On Fri, Nov 09, 2012 at 01:51:53PM +0530, Bhattacharya, Sudip wrote:
> Is there any way to obfuscate/encrypt conf files in Apache?

I'm not aware of a direct method. Perhaps mod_macro could be used for
obfuscation.

> I have put my configuration entries in a separate config file, and am including it in the main httpd.conf file.
> 
> My requirement is to encrypt/obfuscate only my custom conf file.

I'm sure you have your reasons for this, but it sounds like asking for
trouble. If you just want to stop users reading the file because it
contains sensitive info (like database passwords, maybe?) then perhaps
just a simple

	chown root custom.conf
	chmod 0600 custom.conf

would suffice? You would need to be starting apache as root in order to
bind to the low port numbers anyway and this means that only your custom
file is unreadable by others - httpd.conf could still be read by anyone.

HTH,

Pete
-- 
Openstrike - improving business through open source
http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107