You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by ja...@morse.com on 2004/03/05 17:21:50 UTC

[users@httpd] Security in apache

Hi,

Is there any documentation about best practice for security?

Thanks in advance,

--------------------------------------------------
Javier Ferruz Rodríguez
MORSE - Servicios Profesionales Madrid


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] Security in apache

Posted by Ben Yau <by...@cardcommerce.com>.

>
> javier.ferruz@morse.com wrote:
>
> > Hi,
> >
> > Is there any documentation about best practice for security?
>
> That's way too broad a topic to be answered in any single document.
>
> There is some stuff here:
> http://httpd.apache.org/docs-2.0/misc/security_tips.html
>
> But it is really only the tip of the iceberg.
>
> If you have more specific issues or questions, you might get better
> results by being explicit.
>
> Joshua.
>

And after that, if you end up running any sort of scripting there are a lot
of security things to lock down there as well.  Check out

http://sans.org

for some good general security white papers


>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Security in apache

Posted by Joshua Slive <jo...@slive.ca>.

javier.ferruz@morse.com wrote:

> Hi,
> 
> Is there any documentation about best practice for security?

That's way too broad a topic to be answered in any single document.

There is some stuff here:
http://httpd.apache.org/docs-2.0/misc/security_tips.html

But it is really only the tip of the iceberg.

If you have more specific issues or questions, you might get better 
results by being explicit.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org