Protecting the Apache Web Server
The Apache web server, as the most widely used web server on the Internet (although this popularity is declining!), faces threats that can be reduced by following a few guidelines and using the available tools. You can read about some of these threats in the article Protect your Apache server from DoS attacks. Below you can follow several pieces on preventing and protecting against attacks on Apache.
Mitigate Attacks With mod_evasive
Now that you have a tuned, well-trafficked site, what should you think about next? High on your list should be security. Hopefully, you’ve adopted the best practices for locking down your Apache and PHP installations, but beyond that, there are many Apache modules that can further bolster a hardened configuration and therefore increase uptime. One module that comes to mind is mod_security, an embeddable Web application firewall. Another is mod_evasive. Available from http://www.zdziarski.com/projects/mod_evasive/ and licensed under the GNU Public License, mod_evasive is an Apache module that provides evasive action in the event of an HTTP denial of service (DoS), distributed denial of service (DDoS), or brute force attack. mod_evasive is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, and routers. Moreover, it can report abuses via email and syslog.
SNIPS (System & Network Integrated Polling Software) is a system and network monitoring software that runs on Unix systems and can monitor network and system devices. It is capable of monitoring DNS, NTP, TCP or web ports, host performance, syslogs, radius servers, BGP peers, etc. New monitors can be added easily (via a C or Perl API).
20 ways to Secure your Apache Configuration
Before we start securing Apache, we must specify what functionality we expect from the server. The variety of Apache’s uses makes it difficult to write a universal procedure to secure the server in every case. That’s why in this article we’ll base it on the following functionality:
* The Web server will be accessible from the Internet
* Only static HTML pages will be served
* The server will support the name-based virtual hosting mechanism
* Specified Web pages can be accessible only from selected IP addresses or users (basic authentication)
* The server will log all the Web requests (including information about Web browsers)
Securing Apache 2: Step-by-Step
When choosing a web server, Apache very often wins against its competitors because of stability, performance, the fact that it’s open source, and many other advantages. But when deciding on which version of Apache to use, the choice is not always so simple. On the one hand there is a very popular, stable version used by millions of users, version 1.3, and on the other hand, there is an enhanced and re-designed version 2.0.
Secure Your Apache With mod_security
This article shows how to install and configure mod_security. mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.
In the first chapter I will show how to install mod_security on Debian Sarge, Ubuntu 6.06 LTS (Dapper Drake), and on Fedora Core 5, and in the second chapter I will describe how to configure Apache for mod_security which is independent from the distribution you’re using.
About this entry
You’re currently reading “Protecting the Apache Web Server,” an entry on Secure2S | The Real Path of Information Security and Network Security
- Published: 03.12.86 / 12 a.m.
- Category: Internet, Free Software, Security, Information Security






