Last year, I discussed hardening Apache Web server with Apache Tomcat behind it. There was a lot of interest in hardening Apache and recommendations. We will review possible exploits and how proper mitigation can prevent breaches. Apache has a lot of security holes, especially in older versions. While upgrading fixes a lot of problems, there will always be exploits. We want to demonstrate a system that is reliable and robust, with the least amount of information exposed to the public. Additionally, there will be a review of some standard configurations you can build from to protect your environment.


Comments are closed.

Ben Roberts at 11:06 on 19 Oct 2018

Andrew's session was a realistic, practical and useful look at securely configuring Apache Web server, particularly as it relates to the LA[M]P stack. Thanks! Hope the slides get posted soon.