Chroot and Apache
Steps to chroot apache to limit the damage in case of a possible intrusion.
After preparing our system chroot (see article debootstrap e chroot) just follow these steps, enter the chroot system:
chroot /mychroot
install apache:
apt-get apache
modify the configuration file:
/etc/apache/httpd.conf
to include the following:
ExtendedStatus On <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from 127.0.0.1 </Location> <Location /server-info> SetHandler server-info Order deny,allow Deny from all Allow from 127.0.0.1 </Location>
included in the configuration file:
/etc/apache/modules.conf
following line:
LoadModule info_module /usr/lib/apache/1.3/mod_info.so
perform a restart apache:
/etc/init.d/apache restart
to verify the installation of the service, open an Internet browser and point (if the chroot is on our PC) to:
http://localhost/server-status
to view information on the status of apache:
http://localhost/server-info
to view information about configuring apache:
http://localhost
to view the default page of Apache:
he screenshot below helps to understand better the situation:
Note that the root filesystem of reference for Apache is not / but /mychroot.
- Login to post comments
The use of the information shown here is at your risk.
Cyber Methexis disclaims any liability for malfunction and/or loss of data.
Tag cloud
open source hardware scripts microsoft tips and tricks networking apple linux sicurezza software windows internet sistemi operativi scripting informatica downloads