Ask the Expert

Keeping your Apache server safe

I am being regularly attacked by a cracker who is using my Apache server to cause denial-of-service attacks on others. I need some advice on how to determine what is happening and how to stop it forever! I have one rack server co-located at a data center. It is running Bind DNS v. 9, Sendmail, and Apache 2.0.54. I use a Shorewall firewall.

Requires Free Membership to View

I recommend you hire a security professional or consultancy to review and secure your system. If you wish to handle it on your own then I would recommend a number of books, including Tony Mobily's excellent Hardening Apache and my own book on Hardening Linux.

But I strongly urge you to engage a professional. Your ISP/data center may already use someone or an organization that might be able to assist you.

This was first published in January 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: