February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Hardening Apache SSL/TLS on RHEL 8/CentOS 8
For this demo, you'll install Apache and mod_ssl on a CentOS 8 VM. (Unlike on Ubuntu, you have to install these as two separate packages.) Use the same scanner VM that you used in the previous lab. A new feature of RHEL 8/CentOS 8 is that you can now set system-wide crypto policies for most of your services and applications that require crypto. We'll take a quick look at it here, and again in Chapter 6, SSH Hardening:
- On your CentOS 8 VM, install Apache and mod_ssl and start the service:
sudo dnf install httpd mod_sslsudo systemctl enable --now httpd
- Open port 443 on the firewall:
sudo firewall-cmd --permanent --add-service=httpssudo firewall-cmd --reload
- From the scanner VM, scan the Apache ...