Operating Systems > Linux and UNIX

apache

(1/7) > >>

Master of Reality:
how do i set apache to be on a certain interface?
when i just started it, it only listened/connected to my internal interface. I need it on my external interface.

voidmain:
It should have bound to both by default. Look at the "BindAddress" tag and the "Listen" tag in your httpd.conf file.

Master of Reality:
is there any special security issues i should know about when running a website on my server?

http://chatroom.fuckmicrosoft.com

voidmain:
Of course there are. People should have access to exactly what you want them to access and nothing more. Although a basic web site on a default Apache install is generally pretty safe you might want to turn off things you aren't using and hide unnecessary information. For instance, by default information can be obtained from Apache headers. Things like Operating system and version. Apache version, PHP version (if installed), SSL version, etc.  This information can be turned off, as knowing this information can be helpfull to a hacker. PHP should be updated as there are vulnerabilities in the version you likely have (although they may not be easily exploited). You can also set directory permissions like not allowing directory listing (directory listing is turned off by default). I don't want to make it sound like if you don't button up Apache on a default install that you will get hacked because it's very likely that it won't but you do need to be concious of what security implications there are, especially if you are doing CGI programming or other server side generated content.  I would suggest looking over Apache's web site and doing some Google searches on Apache+security etc.. Also if you use MySQL or PostgreSQL on your web server you not only have to worry about security of the database with Apache but weather the database server itself is secure and is not listening on your outside interfaces for people to try to hack... Especially if you don't set an admin password, etc.. The more services you associate with Apache the more complex your security becomes.

[ April 25, 2002: Message edited by: VoidMain ]

Master of Reality:
well.. i must have screwed something up somewhere (again). I setup apache (a while ago), http://chatroom.fuckmicrosoft.com and now i cant get to the website from any computer other than the computers in my network, i get a 525 error, cant connect to remote host (i think thats what the 525 error is). Could it be that my local computers are just getting off the internal interface? I dont know how they would do that because they have to look up the DNS name to find out that chatroom.fuckmicrosoft.com is my IP address. Could squid be blocking people from getting to my webserver?, i'm not running a transparent proxy. And squid and apache are running on the same red hat 7.2 machine.

Navigation

[0] Message Index

[#] Next page