Hello, I was assigned with the task of preparing a security policy for Apache HTTP servers in my company and, despite I have a few years of experience with it (mostly v2.2), I'd like to have a more formal reference material on which I could base the policy.
Please, is there any good (and not so old) book on Apache security out there that you would recommend? I know there is a lot of information on this subject on the net, but as far as I could see they only cover the basics like not using privileged ID, locking down the binaries, logs and directories, .htaccess files, not allowing CGI scripts, etc., which I already know. I'm looking for a book that could cover the basics plus more advanced configurations, again mainly for v2.2 and perhaps also for 2.4. Thank you!! ________________________________ This communication is confidential. We only send and receive email on the basis of the terms set out at www.rogers.com/web/content/emailnotice<http://www.rogers.com/web/content/emailnotice> Ce message est confidentiel. Notre transmission et r?ception de courriels se fait strictement suivant les modalit?s ?nonc?es dans l'avis publi? ? www.rogers.com/aviscourriel <http://www.rogers.com/aviscourriel> ________________________________