6. Using the Center for Internet Security Apache Benchmark Scoring Tool
In the previous two chapters, we discussed numerous updates and configuration changes that should be made to an Apache installation in order to make it more secure. Some of the settings were easier to implement than others, and some of them required that some tests were performed in order to verify that the desired security configuration had been achieved. Although the rationale for testing these settings is well understood, an undesired side effect may manifest itself. Some security settings may be mistakenly left in an insecure configuration due to testing. Often, testing of configurations requires that some security settings be disabled or changed so that you can focus ...
Get Preventing Web Attacks with Apache now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.