* Cantinho Satkeys

Refresh History
  • FELISCUNHA: ghyt74   49E09B4F  e bom feriado   4tj97u<z
    Hoje às 10:39
  • JPratas: try65hytr Pessoal  h7ft6l k7y8j0
    Hoje às 03:51
  • j.s.: try65hytr a todos  4tj97u<z
    30 de Outubro de 2024, 21:00
  • JPratas: dgtgtr Pessoal  4tj97u<z k7y8j0
    28 de Outubro de 2024, 17:35
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  k8h9m
    27 de Outubro de 2024, 11:21
  • j.s.: bom fim de semana   49E09B4F 49E09B4F
    26 de Outubro de 2024, 17:06
  • j.s.: dgtgtr a todos  4tj97u<z
    26 de Outubro de 2024, 17:06
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana
    26 de Outubro de 2024, 11:49
  • JPratas: try65hytr Pessoal  101yd91 k7y8j0
    25 de Outubro de 2024, 03:53
  • JPratas: dgtgtr A Todos  4tj97u<z 2dgh8i k7y8j0
    23 de Outubro de 2024, 16:31
  • FELISCUNHA: ghyt74  pessoal   49E09B4F
    23 de Outubro de 2024, 10:59
  • j.s.: dgtgtr a todos  4tj97u<z
    22 de Outubro de 2024, 18:16
  • j.s.: dgtgtr a todos  4tj97u<z
    20 de Outubro de 2024, 15:04
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  101041
    20 de Outubro de 2024, 11:37
  • axlpoa: hi
    19 de Outubro de 2024, 22:24
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    19 de Outubro de 2024, 11:31
  • j.s.: ghyt74 a todos  4tj97u<z
    18 de Outubro de 2024, 09:33
  • JPratas: try65hytr Pessoal  4tj97u<z classic k7y8j0
    18 de Outubro de 2024, 03:28
  • schmeagle: iheartradio
    17 de Outubro de 2024, 22:58
  • j.s.: dgtgtr a todos  4tj97u<z
    17 de Outubro de 2024, 18:09

Autor Tópico: Apache Web Server Hardening  (Lida 235 vezes)

0 Membros e 2 Visitantes estão a ver este tópico.

Online mitsumi

  • Moderador Global
  • ***
  • Mensagens: 115395
  • Karma: +0/-0
Apache Web Server Hardening
« em: 14 de Abril de 2020, 23:13 »


Video: .MP4, 1920x1080 30 fps | Audio: AAC, 44.1 kHz, 2ch | Duration: 19h 26m
Genre: eLearning | Language: English | Size: 3.65 GB

In this course, we teach about Apache web server hardening. We cover what web server hardening is and why it plays a crucial part in the process of running a web server. We go over several configurations we can perform to help secure our Apache web server as much as possible. In addition, we talk about the different kinds of vulnerabilities Apache is susceptible to. Apache HTTP Server is a free open-source web server that runs approximately 45% of today's websites, which is why learning how to properly secure it is extremely important.

Web servers are in many cases located at the edges of networks, so they are exposed to attacks more frequently than other parts of networks. Web servers are always targeted with requests, both manually and automatically, through scripts. At the beginning of this course, we provide an introduction to web server hardening and teach how to properly install and configure an Apache server. All steps will be performed on Centos7, but we could use the same commands for other Linux operating systems. Keep in mind that the installation process is precisely where the process of server hardening begins. It is very important to conduct a proper installation and configuration in order to protect the server and make it less vulnerable. Remember that default settings are easily bypassed.

Moreover, we also cover how to configure a firewall correctly. We share some basic firewalld concepts and terms like zones, instances, firewalld commands, and blacklists. Subsequently, we present several other topics. For example, we dive into Security-Enhanced Linux (SELinux) and see why it is important to use it with Apache and how it benefits us. SELinux represents mandatory access controls (MAC), allowing fine-grain access controls for resources such as files, devices, networks, and inter-process communication. In many cases, administrators disable SELinux because it causes complications with Apache and there is not enough time to configure everything correctly in the system. This usually results in decreased security.

Some practical skills this course imprats are how to create automated scripts, manage apache directory access, perform log examination, and exploit a server using a well-known vulnerability: ShellShock. Automated scripts enable us to perform server and SELinux checks automatically, which is necessary when handling thousands or even millions of Apache instances at once. We create our own automated script for our needs, but we can always incorporate scripts written by others as well. We also create a capture file using the tcdump tool so we can recognize if there's anything suspicious going on in the system. If something suspicious is detected, we will then inspect the traffic in Wireshark.

Another covered is logs. Logging is essential in any system. We share how to configure our own log level for both general and specific traffic. By the end of this course, you will have a better understanding of the Apache server and be more aware of the dangers it's exposed to. You will also be able to set up and configure various parts of the system more securely, as well as search for potential threats.


Download link:
Só visivel para registados e com resposta ao tópico.

Only visible to registered and with a reply to the topic.

Links are Interchangeable - No Password - Single Extraction