Difference between revisions of "Webserver setup"
(Created page with "Apache hardening''' As well as considering the physical server and it's operating system users must thinking in terms of application security. Especially for those applicatio...") |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | Apache hardening | + | ===Apache hardening=== |
As well as considering the physical server and it's operating system users must thinking in terms of application security. Especially for those applications which either contain sensitive data or those that provide access routes to the machine for an attacker. | As well as considering the physical server and it's operating system users must thinking in terms of application security. Especially for those applications which either contain sensitive data or those that provide access routes to the machine for an attacker. | ||
Below is a set of guides for Apache webserver hardening. | Below is a set of guides for Apache webserver hardening. | ||
+ | <ul> | ||
<li> | <li> | ||
[http://www.tecmint.com/apache-security-tips/ 13 Apache Web Server Security and Hardening Tips] | [http://www.tecmint.com/apache-security-tips/ 13 Apache Web Server Security and Hardening Tips] | ||
Line 10: | Line 11: | ||
</li> | </li> | ||
</ul> | </ul> | ||
− | + | ||
− | + | ||
+ | ===Database hardening=== | ||
A key approach discussed elsewhere in protecting data, both at rest - on disk - and in use - in memory, is to encrypt these data stores either as part of full disk encryption or as individual restricted encrypted mount points. | A key approach discussed elsewhere in protecting data, both at rest - on disk - and in use - in memory, is to encrypt these data stores either as part of full disk encryption or as individual restricted encrypted mount points. | ||
Below are further guides for specific hardening techniques for the MySQL database system. | Below are further guides for specific hardening techniques for the MySQL database system. | ||
+ | <ul> | ||
<li> | <li> | ||
[http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips MySQL Security Best Practices] | [http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips MySQL Security Best Practices] |
Latest revision as of 19:01, 28 May 2014
Apache hardening
As well as considering the physical server and it's operating system users must thinking in terms of application security. Especially for those applications which either contain sensitive data or those that provide access routes to the machine for an attacker.
Below is a set of guides for Apache webserver hardening.
Database hardening
A key approach discussed elsewhere in protecting data, both at rest - on disk - and in use - in memory, is to encrypt these data stores either as part of full disk encryption or as individual restricted encrypted mount points.
Below are further guides for specific hardening techniques for the MySQL database system.