February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
OpenSSL and the Apache web server
A default installation of any web server isn't all that secure, so you'll need to harden it up a bit. One way to do that is by disabling the weaker SSL/TLS encryption algorithms. The general principles apply to all web servers, but for our examples, we'll just look at Apache. (The topic of web server hardening is quite extensive. For the present, I'll confine the discussion to hardening the SSL/TLS configuration.) You can use either Ubuntu or CentOS for this section, but the package names and configuration files are different between the two distributions. The configurations also differ between CentOS 7 and CentOS 8, so we'll look at them as well. But before I can explain the configuration options, I need ...