Page tree
Skip to end of metadata
Go to start of metadata

Apache HTTP Server is an open-source web server platform leveraged by a number of applications.  This article will outline the steps to install, configure and harden a zero-footprint instance of Apache 2.x.

Initial Installation

Note

The following instructions assume that you have appropriate permissions to execute the commands. If the login user itself does not have proper privileges, prefix each command with sudo, provided you have been added to the sudoers file.

In the command windows below, square brakcets [ ] denote optional items.

The first step is to retrieve the source files from Apache.  Sine we are primarily using Unix-based systems, we will grab the bzip2 compressed file, but the steps would be similar on Linux using a gunzip archive.

Solaris (Unix)
wget http://archive.apache.org/dist/httpd/httpd-2.2.32.tar.bz2 [ -e use-proxy=yes -e http_proxy=server/IP:port ]

Next we unpack the archive

Solaris (Unix)
bzip2 -d httpd-2.2.32.tar.bz2
tar -xvf httpd-2.2.32.tar

For our purposes, one of the first levels of hardening comes during our initial setup phase. This is achieved by compiling our new Apache instance with only the static modules that we require.   The following command is a good starting point; the enable-mods-shared=few will compile Apache with the bare minimum DSOs and other modules are enabled/disabled as needed.  A complete list of modules can be found here Apache 2.2 Modules.  The --prefix switch allows as to specify the custom install directory for Apache.  Further configuration options can be viewed here Apache Configuration Options.



References

http://httpd.apache.org/docs/2.0/install.html - Official instructions.

  • No labels