Securing Apache

October 25, 2007

Apache is perhaps difficult and complicated to tweak so first of all I’ll learn how to secure it.

In ubuntu I’ll have to tweak the file /etc/apache2/sites-enabled/000-default/. To disable display or disallow browsing of folders if I don’t have a index.html file there I need Options -indexes. However Habari requires that FollowSymLinks is allowed while WP doesn’t need this, don’t know why.

If I don’t allow access to files other than those saved in the site folders then I need below between [Directory /] and [/Directory]

Order Deny,Allow
Deny from all
Options None
AllowOverride None

I have used XAMPP for years on PC there are things that I got to learn now when apache is running in a server.

Once new settings are entered I could check syntax by apache2ctl configtest before restarting apache by apache2ctl graceful

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: