Menu

IT Infrastructure Blog                             

Provide an Articles and Tutorials                                                            

Apache Web Server Hardening & Security Guide

Table Of Contents

Securing ApacheSecure Apache Web Server - Practical Guide

 

1       Introduction

The Web Server is a crucial part of web-based applications. Apache Web Server is often placed at the edge of the network hence it becomes one of the most vulnerable services to attack. Having default configuration supply many sensitive information which may help hacker to prepare for an attack the web server.

The majority of web application attacks are through XSS, Info Leakage, Session Management and PHP Injection attacks which is due to weak programming code and failure to sanitize web application infrastructure. According to the security vendor Cenzic, 99% of tested applications have vulnerabilities. Below chart from Cenzic shows the vulnerability trend report of 2013.

Cenzic Report

This practical guide provides you the necessary skill set to secure Apache Web Server.  In this course, we will talk about how to Harden & Secure Apache Web Server on Unix platform. Following are tested on Apache 2.4.x and I don’t see any reason it won’t work with Apache 2.2.x.

  • This assumes you have installed Apache on UNIX platform. If not, you can go through Installation guide. You can also refer very free video about how to Install Apache, MySQL & PHP.
  • We will call Apache installation directory /opt/apache as $Web_Server throughout this course.
  • You are advised to take a backup of existing configuration file before any modification.

1.1  Audience

This is designed for Middleware Administrator, Application Support, System Analyst, or anyone working or eager to learn Hardening & Security guidelines. Fair knowledge of Apache Web Server & UNIX command is mandatory.

This is seven page guide, click on Next to proceed. You may navigate through table of contents at right hand side.


Prev Next »

back to top