Hi, Some time ago one of my public servers (running Slackware64 14.0) got attacked and was misused to send phishing emails. This misadventure made me more concerned about security, so I spent the last few weeks catching up on security, reading docs about SELinux and how to use it, etc. I have a public sandbox server running CentOS 7, and I'm currently experimenting quite a lot with Apache and how to secure it. My approach is very much trial-and-error. I've started with these two articles: https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/ https://www.tecmint.com/apache-security-tips/ I've also discovered the Nikto vulnerability scanner, and I'm playing around with it. Besides all this, I'd be curious to know your approach in securing Apache, the tools you use, maybe the odd do's and don'ts, suggestions, some good books and/or online docs about the subject, etc. Cheers from the sunny South of France, Niki -- Microlinux - Solutions informatiques durables 7, place de l'?glise - 30730 Montpezat Web : http://www.microlinux.fr Mail : info at microlinux.fr T?l. : 04 66 63 10 32
If your site(s) are simple enough, look into modsecurity for Apache web servers. Also, use either iptables or the built-in firewalld stuff on centos7 to restrict in/outbound ports. On 07/09/2017 12:01 PM, Nicolas Kovacs wrote:> Hi, > > Some time ago one of my public servers (running Slackware64 14.0) got > attacked and was misused to send phishing emails. > > This misadventure made me more concerned about security, so I spent the > last few weeks catching up on security, reading docs about SELinux and > how to use it, etc. > > I have a public sandbox server running CentOS 7, and I'm currently > experimenting quite a lot with Apache and how to secure it. My approach > is very much trial-and-error. I've started with these two articles: > > https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/ > > https://www.tecmint.com/apache-security-tips/ > > I've also discovered the Nikto vulnerability scanner, and I'm playing > around with it. > > Besides all this, I'd be curious to know your approach in securing > Apache, the tools you use, maybe the odd do's and don'ts, suggestions, > some good books and/or online docs about the subject, etc. > > Cheers from the sunny South of France, > > Niki
On 07/09/2017 11:01 AM, Nicolas Kovacs wrote:> Hi, > > Some time ago one of my public servers (running Slackware64 14.0) got > attacked and was misused to send phishing emails. > > This misadventure made me more concerned about security, so I spent the > last few weeks catching up on security, reading docs about SELinux and > how to use it, etc. > > I have a public sandbox server running CentOS 7, and I'm currently > experimenting quite a lot with Apache and how to secure it. My approach > is very much trial-and-error. I've started with these two articles: > > https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-server-on-centos-7/ > > https://www.tecmint.com/apache-security-tips/ > > I've also discovered the Nikto vulnerability scanner, and I'm playing > around with it. > > Besides all this, I'd be curious to know your approach in securing > Apache, the tools you use, maybe the odd do's and don'ts, suggestions, > some good books and/or online docs about the subject, etc. > > Cheers from the sunny South of France, > > Niki >If you're using PHP, use php-fpm running each host under a different user. https://wp-root.org/server/install-php-fpm-tcp-unix-sockets-centos/ -- -- Steve