O'Reilly logo

Open Source Web Development with LAMP: Using Linux, Apache, MySQL, Perl, and PHP by Brent Ware, James Lee

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

3.4. Securing Apache

As we go through the book, we discuss security issues involved with giving people access to a low port on your machine, but we can’t go into all the details—that would result in an almost 600-page book Hacking Linux Exposed [Hatch+ 02].

Most of the following configuration directives are optional; you can do as you wish for your setup, but you should be aware of the choices you’re making. Remember, no decision is also a decision.

3.4.1. Set User and Group

Make sure the user and group are set to:

User apache 
Group apache 

The user and group could be apache or bozo or whatever. The important thing is that Apache doesn’t run as root, which, if Apache were cracked, could allow someone to crack your box from the root Apache ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required