[CentOS] Hardening Apache on CentOS 7
SternData
subscribed-lists at sterndata.com
Sun Jul 9 19:55:38 UTC 2017
On 07/09/2017 11:01 AM, Nicolas Kovacs wrote:
> Hi,
>
> Some time ago one of my public servers (running Slackware64 14.0) got
> attacked and was misused to send phishing emails.
>
> This misadventure made me more concerned about security, so I spent the
> last few weeks catching up on security, reading docs about SELinux and
> how to use it, etc.
>
> I have a public sandbox server running CentOS 7, and I'm currently
> experimenting quite a lot with Apache and how to secure it. My approach
> is very much trial-and-error. I've started with these two articles:
>
> https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/
>
> https://www.tecmint.com/apache-security-tips/
>
> I've also discovered the Nikto vulnerability scanner, and I'm playing
> around with it.
>
> Besides all this, I'd be curious to know your approach in securing
> Apache, the tools you use, maybe the odd do's and don'ts, suggestions,
> some good books and/or online docs about the subject, etc.
>
> Cheers from the sunny South of France,
>
> Niki
>
If you're using PHP, use php-fpm running each host under a different
user. https://wp-root.org/server/install-php-fpm-tcp-unix-sockets-centos/
--
-- Steve
More information about the CentOS
mailing list