[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Apache WebServer on OpenBSD 3.1

Hello Rob,

On Mon, Oct 14, 2002 at 03:23:16PM -0400, Rob Smith wrote:
> I have been a BSD fan for the last few years as well as working with
> Sidewinder which is BSD based.
> I'm about to set up a web server (Apache).  Are there any good hardening,
> setup links or websites about Apache on OpenBSD 3.1?  I plan on setting it
> up in the next few weeks and wanted to read some before jumping in.
I'd wait for the 3.2 release which is due on Nov, 1st [1]. The OpenBSD team has
hardened the base installation of Apache since 3.1 thru chrooting it and 3.2
will also feat a non-exec stack which can significantly help against buffer
overflows and such.

Apart from that, you'd need to set/watch the permissions correctly, configure
httpd.conf to the minimum needed, install some integrity checker like samhain or
AIDE, etc. 

[1] if you can't wait, install a snapshot.
Saad Kadhi -- [saad_(_at_)_docisland_(_dot_)_org] [bsdguy_(_at_)_docisland_(_dot_)_org]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63  65EB 34F1 DBBF 3559 2A6D]
"Si ce que tu dis n'est ni beau, ni bon, ni vrai, alors tais-toi!"
							    - Socrate