secure apache
Posted:
Sat Nov 11, 2006 5:22 pmby redduck666
hello, recently someone broke into a server through X page, the problem is that they were able to get data about page Y which is on the same server. can i prevent this kind of behaviour and retain functionality?
Posted:
Tue Nov 14, 2006 3:41 amby katmai
usually you can secure apache using mod_security / mod_evasive / enable php SUEXEC / disable enable_dl in php.ini config / disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open in php.ini / work on open_basedir protection /
those tweaks should help you a lot in increaing server security.