[CentOS] Hardening Apache on CentOS 7

Sun Jul 9 16:01:09 UTC 2017
Nicolas Kovacs <info at microlinux.fr>

Hi,

Some time ago one of my public servers (running Slackware64 14.0) got
attacked and was misused to send phishing emails.

This misadventure made me more concerned about security, so I spent the
last few weeks catching up on security, reading docs about SELinux and
how to use it, etc.

I have a public sandbox server running CentOS 7, and I'm currently
experimenting quite a lot with Apache and how to secure it. My approach
is very much trial-and-error. I've started with these two articles:

https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/

https://www.tecmint.com/apache-security-tips/

I've also discovered the Nikto vulnerability scanner, and I'm playing
around with it.

Besides all this, I'd be curious to know your approach in securing
Apache, the tools you use, maybe the odd do's and don'ts, suggestions,
some good books and/or online docs about the subject, etc.

Cheers from the sunny South of France,

Niki
-- 
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Web  : http://www.microlinux.fr
Mail : info at microlinux.fr
Tél. : 04 66 63 10 32