Apache and Security Arrangements
If you have an iptables firewall on your computer, you'll need to disable it at least for TCP/IP port 80. If you're configuring a secure Web site, you'll also need to disable iptables for port 443. If you've enabled SELinux, you'll need to change the Access Control List (ACL) security contexts of key directories. Chapter 15 describes these processes in detail. For now, just take the following two steps:
Run system-config-securitylevel, allow incoming WWW (HTTP) and Secure WWW (HTTPS) connections as "Trusted Services," and exit normally.
Run the ls -Z /var/www command. Note the ACL settings. If you configure other directories for Web services, you'll need to change their ACL settings. For example, if you create and then use the /www directory, run the following commands:
# chcon -R -u system_u /www/
# chcon -R -t httpd_sys_content_t /www/
Host-Based Security
You can add the Order, allow, and deny directives to regulate access based on host names or IP addresses. This basic command allows access by default. It reads the deny directive first:
Order deny,allow
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment