[SGVLUG] Securing Apache
Jeff Carlson
jeff at ultimateevil.org
Wed Jul 26 11:49:10 PDT 2006
Joel Witherspoon wrote:
> My /var/www directories are owned by root:root all at 755
> My /etc/httpd directories are owned by root:root and at 755 except my logs,
> modules and run - they are at 777
Those are symlinks. Under Linux, symlinks are (almost) always 777.
> Should I change the directory user:groups to apache:apache for the
> /etc/httpd and /var/www, /var/cgi-bin?
No. Why? Do you want the apache user to be able to write there? You
would if you are using WebDAV, but not otherwise.
> What is the best way to secure apache with this setup?
From the sound of things so far, just leaving it alone will be best for
you.
More information about the SGVLUG
mailing list