Hi Everyone
I was wondering how far you guys go in terms of security. I'm mainly
interested in response from people running apps that deal with sensitive
data, like credit cards. Do you disable all unneeded modules, compile
from source and statically compile every needed module, disabling
mod-so? Or is a sudo apt-get apache2 generally good enough for you? Do
you jail your apache, if so is internal jailing good enough or do you
use external jailing. There are easy steps for security of course,
obscuring security information, making sure apache doesn't run as root,
etc. Any advice/opinions on this topic would be appreciated. I tend to
be extremely paranoid when it comes to a web server and security and its
tough to not let the issue consume all your time.
Thanks
AFrieze
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
