Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Search results for Secure Your Apache With mod_security

Debian

Secure Your Apache With mod_security

Post date: July 16, 2006, 16:07 Category: Security Views: 4972 Comments
Tutorial quote: This article shows how to install and configure mod_security. mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.

In the first chapter I will show how to install mod_security on Debian Sarge, Ubuntu 6.06 LTS (Dapper Drake), and on Fedora Core 5, and in the second chapter I will describe how to configure Apache for mod_security which is independent from the distribution you're using.

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
Fedora+Core

Enhancing Apache with mod_security

Post date: April 12, 2005, 18:04 Category: Security Views: 2789 Comments
Tutorial quote: Like probably quite a few of you, I run and admin some websites (some for fun, some for work), and as many of you surely do, some of these websites are mounted on a CMS. CMS are not the 8th wonder of the world, however some of them are pretty good, and they save you a lot of time by automating tons of tasks... however, as in every piece of code there exists, all of them are insecure and buggy (in fact, every piece of software is insecure and buggy to a degree)

So, searching for tools and ways to prevent people from breaking into my site without authorization, I began my search and found a great piece of software: mod_security for Apache.
Linux

Secure Websites Using SSL And Certificates

Post date: May 16, 2007, 22:05 Category: Security Views: 3584 Comments
Tutorial quote: This article will guide you through the entire process of setting up a secure website using SSL and digital certificates. This guide assumes that you already have a fully functional (and configured) server running Apache, BIND, and OpenSSL. Just as a side note, this guide was written based on a Fedora Core 6 distribution, but should be the same for most other distros out there.
Linux

Setting Up Subversion for One or Multiple Projects

Post date: April 13, 2005, 00:04 Category: Miscellaneous Views: 3962 Comments
Tutorial quote: Deploying a secure and manageable Subversion installation that uses Apache 2.0 as a central authentication checkpoint and SSL for data integrity and confidentiality.
Debian

Setting up an SSL server with Apache2

Post date: February 12, 2006, 07:02 Category: Network Views: 4409 Comments
Tutorial quote: With the introduction of the Apache2 packages in Debian it is much simpler to create and use a secure SSL protected webserver than in the old days with Apache 1.3, here we'll show how it is done.
OpenBSD

Creating secure wireless access points with OpenBSD and OpenVPN

Post date: December 13, 2005, 18:12 Category: Network Views: 7936 Comments
Tutorial quote: You know how insecure 802.11x wireless networks are. In this article we'll create an OpenBSD-based secure wireless access point that prevents unauthorized access and encrypts every packet using a VPN tunnel. OpenBSD is one of the most secure operating systems available, is easy to use, and includes almost everything you need for this project in the base installation.
Unix+clones

Apache Maintenance Basics

Post date: April 13, 2005, 01:04 Category: Software Views: 2837 Comments
Tutorial quote: You've downloaded and configured your Apache server and are ready to move on to the next project. Can it really be left to fend for itself in a darkened room?

Yes. To some degree, anyway. With the exception of configuration testing, once Apache is up, you likely need never think about how the Web server is running.

On the other hand, completely ignoring your Apache installation would be foolhardy. Doing some regular checks and maintenance on your Apache installation helps identify any issues — usually before they even become issues — and helps you stay up date with the latest security and performance patches. This article covers some of the major steps and maintenance tasks that should be regularly undertaken while the Apache system is running.
Debian

Fast and Secure FTP Server with Vsftpd in Debian

Post date: February 22, 2007, 20:02 Category: Network Views: 4288 Comments
Tutorial quote: vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast. It is stable.Don’t take my word for it, though. Below, we will see evidence supporting all three assertions. We will also see a list of a few important sites which are happily using vsftpd. This demonstrates vsftpd is a mature and trusted solution.vsftpd is an FTP server, or daemon. The “vs” stands for Very Secure.
Unix+clones

Security Testing your Apache Configuration with Nikto

Post date: August 29, 2006, 16:08 Category: Security Views: 3586 Comments
Tutorial quote: By now you've got the perfect setup for your new Ubuntu 6.0.6 (Dapper Drake) box. You may have even followed the excellent Intrusion Detection and Prevention with BASE and Snort tutorial. And as an added precaution you installed DenyHosts to prevent hack attempts via ssh. But now that you've got your new LAMP server on the internet, how can you tell that your new web server is secure? You test it, of course!
FreeBSD

Setting up a Secure Subversion Server

Post date: May 17, 2005, 08:05 Category: Network Views: 5676 Comments
Tutorial quote: This article demonstrates how to create a secure repository using Subversion. The next installment will show how to train your users to access the repository using a GUI client.
Web-based applications and online marketing solutions - LumoLink