Fundamentals - Hardening Apache

[sukishan]

Fundamentals
From the start, Mobily requests the patience of the reader as he covers an element of security that's not always foremost in an administrator's mind: the validity of a download and a lean, clean installation.

For some, this may not be a major issue; however, there are Website infrastructures that require the highest levels of security, be it for compliance reasons, or simply to appease a paranoid management.

Mobily goes beyond the usual MD5 checksum and delivers a primer on the use of GnuPG for the verification of a file even when it's downloaded from an authorized source (in consideration of the possible site and source file hack).

A very solid guide to building Apache from source is provided, which addresses both versions 1.3.x and 2.0.x.