Short Notes on Security

From PaskvilWiki
Revision as of 19:20, 1 July 2011 by Admin (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Note - serving of local files

Note: Often the initial installation of Apache has <Directory /> directive (directive for the root of the filesystem) set to "Allow from All", in [Apache config dir]/sites-available/default! This means that server can server any file from the file system, not just the files in the htdocs document folder, which you typically want!

To avoid this, simply change this to "Deny from All".

Enable SSL/HTTPS in Apache

HowTo: Use the following virtual host definition:

<VirtualHost *:443>
ServerName ssl-name
DocumentRoot /var/www/ssl/root
SSLEngine on
SSLCertificateFile /etc/apache2/server.crt
SSLCertificateKeyFile /etc/apache2/server.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

where certificate file and the certificate key file are either authority-signed or self-signed certificate files (see below), and add

NameVirtualHost *:443
Listen 443

to /etc/apache2/ports.conf and restart Apache.

External Links