On 07/09/2017 11:01 AM, Nicolas Kovacs wrote: > Hi, > > Some time ago one of my public servers (running Slackware64 14.0) got > attacked and was misused to send phishing emails. > > This misadventure made me more concerned about security, so I spent the > last few weeks catching up on security, reading docs about SELinux and > how to use it, etc. > > I have a public sandbox server running CentOS 7, and I'm currently > experimenting quite a lot with Apache and how to secure it. My approach > is very much trial-and-error. I've started with these two articles: > > https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/ > > https://www.tecmint.com/apache-security-tips/ > > I've also discovered the Nikto vulnerability scanner, and I'm playing > around with it. > > Besides all this, I'd be curious to know your approach in securing > Apache, the tools you use, maybe the odd do's and don'ts, suggestions, > some good books and/or online docs about the subject, etc. > > Cheers from the sunny South of France, > > Niki > If you're using PHP, use php-fpm running each host under a different user. https://wp-root.org/server/install-php-fpm-tcp-unix-sockets-centos/ -- -- Steve