Difference between revisions of "Webserver setup"

Line 1: Line 1:
 
===Apache hardening===
 
===Apache hardening===
 
+
<ul>
 
As well as considering the physical server and it's operating system users must thinking in terms of application security. Especially for those applications which either contain sensitive data or those that provide access routes to the machine for an attacker.
 
As well as considering the physical server and it's operating system users must thinking in terms of application security. Especially for those applications which either contain sensitive data or those that provide access routes to the machine for an attacker.
  
Line 10: Line 10:
 
</li>
 
</li>
 
</ul>
 
</ul>
<ul>
+
 
  
 
===Database hardening===
 
===Database hardening===
Line 17: Line 17:
  
 
Below are further guides for specific hardening techniques for the MySQL database system.
 
Below are further guides for specific hardening techniques for the MySQL database system.
 +
<ul>
 
<li>
 
<li>
 
[http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips MySQL Security Best Practices]
 
[http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips MySQL Security Best Practices]

Revision as of 19:01, 28 May 2014

Apache hardening

    As well as considering the physical server and it's operating system users must thinking in terms of application security. Especially for those applications which either contain sensitive data or those that provide access routes to the machine for an attacker. Below is a set of guides for Apache webserver hardening.
  • 13 Apache Web Server Security and Hardening Tips
  • Apache 2.0 Hardening Guide


Database hardening

A key approach discussed elsewhere in protecting data, both at rest - on disk - and in use - in memory, is to encrypt these data stores either as part of full disk encryption or as individual restricted encrypted mount points.

Below are further guides for specific hardening techniques for the MySQL database system.