{"id":688,"date":"2016-10-09T19:18:35","date_gmt":"2016-10-09T16:18:35","guid":{"rendered":"https:\/\/community.virtono.com\/?p=688"},"modified":"2023-06-21T10:24:40","modified_gmt":"2023-06-21T07:24:40","slug":"setting-up-security-on-apache","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/knowledgebase\/setting-up-security-on-apache\/","title":{"rendered":"Setting Up Security on Apache"},"content":{"rendered":"<p>For in-depth background on the Apache Web Server, see <a href=\"https:\/\/virtono.com\/community\/news-announcements\/apache-web-server\/\" target=\"_blank\" rel=\"noopener\">this article<\/a>.<\/p>\n<p>However, if you&#8217;ve already begun working with Apache and are only concerned with securing your server, here are a few tips that will help. Read them and apply them carefully.<\/p>\n<p><strong>Protecting the Files on Your Web Server<\/strong><\/p>\n<p>Most files that control the web server&#8217;s operation are under &#8216;ServerRoot&#8217;.<\/p>\n<p>\u2013The server runs under an identity (nobody) that shouldn&#8217;t have the ability to modify its own control files<\/p>\n<p>\u2013Exceptions are <i>error_log<\/i> and <i>access_log<\/i><\/p>\n<p>Most files in the server&#8217;s DocumentRoot should be <b>read-only<\/b> to the server. Carefully consider exceptions.<\/p>\n<p>\u2013Symbolic links can bypass DocumentRoot control<\/p>\n<p><strong>Protecting your computer from unauthorized users<\/strong><\/p>\n<p>\u2013<i>Authentication<\/i> \u2013 the process of allowing users access to the Web service based on usernames and passwords or IP addresses or domains<\/p>\n<p><strong>Protecting your computer from programs that run on the host computer<\/strong><\/p>\n<p>\u2013SSI &#8220;includes&#8221;<\/p>\n<p>\u2013Executable directories<\/p>\n<p>\u2013Controls, scripts, applets, etc.<\/p>\n<p><strong>Protecting the URLs on Your Web Site<\/strong><\/p>\n<p>This involves the Mandatory and Discretionary 
access that was discussed in the Server Users and Documents PowerPoint slides, which covered the use of Authentication and Authorization.<\/p>\n<p><strong>Permissions on ServerRoot Directories<\/strong><\/p>\n<p>You want to be sure these directories are writable only by <b>root<\/b>.<\/p>\n<p>\u2013If non-root users can modify files that root either executes or writes, the system is open to root compromise (httpd could be replaced, log files overwritten, etc.)<\/p>\n<p><strong>More Security Tips for Apache<\/strong><\/p>\n<p><b><i>CGI<\/i><\/b> \u2013 scripts run under Apache&#8217;s user, so they may conflict with other scripts<\/p>\n<p>\u2013<b>suEXEC<\/b> \u2013 program included with Apache that allows scripts to run as different users<\/p>\n<p><b><i>Disallow .htaccess files<\/i><\/b> \u2013 they may override the admin&#8217;s security controls<\/p>\n<p><strong>\u2013AllowOverride None<\/strong><\/p>\n<p><b><i>Server Side Includes<\/i><\/b> \u2013 require additional processing by Apache \u2013 require <b>.shtml<\/b><\/p>\n<p>\u2013Can also execute (<b>EXEC<\/b>) any CGI script or program under the permissions of the user\/group Apache runs as<\/p>\n<p>Use the <b>IncludesNOEXEC<\/b> option to prohibit this<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For in-depth background on the Apache Web Server, see this article. However, if you&#8217;ve already begun working with Apache and are only concerned with securing your server, here are a few tips that will help. Read them and apply them carefully. 
Protecting the<\/p>\n","protected":false},"author":3,"featured_media":686,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5],"tags":[],"class_list":["post-688","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/10\/asf_logo.png?fit=429%2C175&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-b6","jetpack_likes_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/688","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=688"}],"version-history":[{"count":6,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/688\/revisions"}],"predecessor-version":[{"id":3573,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/688\/revisions\/3573"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/686"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}