Hi Seham! On Tue, 02 Oct 2001, Seham Mohamed wrote: > > Hi, > > Please help me to do the professional security steps for apache web > server. Short answer: I think it's secure by default. Really.
A longer one: decide how much information you are ok to leak to visitors. E.g. turn off server signature (ServerTokens Prod), disable mod_autoindex or just turn Indexes option off by default (Options -Indexes). At a quick glance, that's kinda all. Usually I do Apache performance tunning, cause security is there. Be also careful with installed modules (mod_php, mod_perl) and their configuration. -- teodor
