Securing Apache

Finally, we come to HTTP. Secure HTTP is vitally important to e-commerce, protecting clients' credit card numbers and billing information rather than their login names and passwords—arguably just as critical, especially if your business depends on your clients' confidence in the privacy with which you handle their information.

Securing HTTP was one of the earliest widespread uses for SSL, and although that security package has today become adopted for nearly all popular services, Apache's integration with it still shows signs of the disorganization with which the early years of SSL were plagued. There are two different, unrelated, SSL-enabled versions of Apache that are being simultaneously developed: Apache-SSL and mod_ssl. Both ...

Get FreeBSD® Unleashed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.