[CentOS] Hardening Apache on CentOS 7

Sun Jul 9 16:08:00 UTC 2017
John Jasen <jjasen at realityfailure.org>

If your site(s) are simple enough, look into modsecurity for Apache web

Also, use either iptables or the built-in firewalld stuff on centos7 to
restrict in/outbound ports.

On 07/09/2017 12:01 PM, Nicolas Kovacs wrote:
> Hi,
> Some time ago one of my public servers (running Slackware64 14.0) got
> attacked and was misused to send phishing emails.
> This misadventure made me more concerned about security, so I spent the
> last few weeks catching up on security, reading docs about SELinux and
> how to use it, etc.
> I have a public sandbox server running CentOS 7, and I'm currently
> experimenting quite a lot with Apache and how to secure it. My approach
> is very much trial-and-error. I've started with these two articles:
> https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/
> https://www.tecmint.com/apache-security-tips/
> I've also discovered the Nikto vulnerability scanner, and I'm playing
> around with it.
> Besides all this, I'd be curious to know your approach in securing
> Apache, the tools you use, maybe the odd do's and don'ts, suggestions,
> some good books and/or online docs about the subject, etc.
> Cheers from the sunny South of France,
> Niki