Apache Configuration Security Checklist


Apache is the most widely used HTTP daemon for *nix-based servers. This checklist will help you secure your installation and reduce the potential for exploits being found in it. Apache installations include a default configuration that is already fairly secure, and this checklist covers some of the additional methods you can use to secure your installation.

httpd.conf - the Options directive

The Options directive is potentially the most important setting you can use to help secure your Apache install. It allows a variety of abilities to be restricted on either a global or per-user basis. The most commonly used settings are below:
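
The following Python example is added here and is not part of the original checklist or of Apache's own code. It models how httpd 2.4 combines Options lines across `<Directory>` sections, so you can check which options are actually in force for a path. The sample configuration, its paths and the function names are constructed for illustration, and only plain `<Directory>` blocks are modelled (no .htaccess files, `<DirectoryMatch>` or virtual hosts).

```python
import re

# "All" expands to every option except MultiViews (names assumed in canonical case).
ALL = {"ExecCGI", "FollowSymLinks", "Includes", "IncludesNOEXEC",
       "Indexes", "SymLinksIfOwnerMatch"}
# Constructed sample configuration, not taken from the page.
SAMPLE = """\
<Directory "/">
    Options None
</Directory>
<Directory "/var/www">
    Options Indexes FollowSymLinks
</Directory>
<Directory "/var/www/app">
    Options +ExecCGI
</Directory>
<Directory "/var/www/static">
    Options -Indexes
</Directory>
"""

def parse(conf):
    """Return (directory, option tokens) per Options line; "" means server level."""
    found, path = [], ""
    for line in (l.strip() for l in conf.splitlines()):
        m = re.match(r'<Directory\s+"?([^">]+?)"?\s*>', line, re.I)
        if m:
            path = m.group(1).rstrip("/") or "/"
        elif line.lower().startswith("</directory"):
            path = ""
        elif line.split()[:1] and line.split()[0].lower() == "options":
            found.append((path, line.split()[1:]))
    return found

def effective(conf, target):
    """Options in force for directory `target`, shortest matching section first."""
    current = {"FollowSymLinks"}  # httpd 2.4 default when nothing is set
    hits = [(p, o) for p, o in parse(conf)
            if p == "" or target == p or target.startswith(p.rstrip("/") + "/")]
    for _, opts in sorted(hits, key=lambda h: len(h[0])):
        signed = [o[0] in "+-" for o in opts]
        if any(signed) and not all(signed):
            raise ValueError("httpd 2.4 rejects mixing +/- with bare options")
        if not any(signed):
            current = set()  # a bare list replaces everything inherited
        for o in opts:
            name = o.lstrip("+-")
            names = ALL if name == "All" else set() if name == "None" else {name}
            current = current - names if o[0] == "-" else current | names
    return current
```

For the sample, `effective(SAMPLE, "/var/www/app")` still contains Indexes, because `+ExecCGI` merges with the set inherited from `/var/www`. Dropping directory listings there requires an explicit `-Indexes`, as the `/var/www/static` section shows.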

Modules

By default, Apache comes with some built-in modules intended to supplement the default functionality of the daemon. There is a series of modules, some of which are designed to enhance functionality (such as mod_cgi) and some of which enhance security (such as mod_security). A summary of some of the most important ones is listed below: