Apache Web Server Hardening

Apache Web Server Hardening
Apache Web Server Hardening

English | MP4 | AVC 1920×1080 | AAC 44KHz 2ch | 19h 26m | 3.65 GB
eLearning | Skill level: Intermediate


In this course, we teach about Apache web server hardening. We cover what web server hardening is and why it plays a crucial part in the process of running a web server. We go over several configurations we can perform to help secure our Apache web server as much as possible. In addition, we talk about the different kinds of vulnerabilities Apache is susceptible to. Apache HTTP Server is a free open-source web server that runs approximately 45% of today’s websites, which is why learning how to properly secure it is extremely important.

Web servers are in many cases located at the edges of networks, so they are exposed to attacks more frequently than other parts of networks. Web servers are always targeted with requests, both manually and automatically, through scripts. At the beginning of this course, we provide an introduction to web server hardening and teach how to properly install and configure an Apache server. All steps will be performed on Centos7, but we could use the same commands for other Linux operating systems. Keep in mind that the installation process is precisely where the process of server hardening begins. It is very important to conduct a proper installation and configuration in order to protect the server and make it less vulnerable. Remember that default settings are easily bypassed.

Moreover, we also cover how to configure a firewall correctly. We share some basic firewalld concepts and terms like zones, instances, firewalld commands, and blacklists. Subsequently, we present several other topics. For example, we dive into Security-Enhanced Linux (SELinux) and see why it is important to use it with Apache and how it benefits us. SELinux represents mandatory access controls (MAC), allowing fine-grain access controls for resources such as files, devices, networks, and inter-process communication. In many cases, administrators disable SELinux because it causes complications with Apache and there is not enough time to configure everything correctly in the system. This usually results in decreased security.

Some practical skills this course imprats are how to create automated scripts, manage apache directory access, perform log examination, and exploit a server using a well-known vulnerability: ShellShock. Automated scripts enable us to perform server and SELinux checks automatically, which is necessary when handling thousands or even millions of Apache instances at once. We create our own automated script for our needs, but we can always incorporate scripts written by others as well. We also create a capture file using the tcdump tool so we can recognize if there’s anything suspicious going on in the system. If something suspicious is detected, we will then inspect the traffic in Wireshark.

Another covered is logs. Logging is essential in any system. We share how to configure our own log level for both general and specific traffic. By the end of this course, you will have a better understanding of the Apache server and be more aware of the dangers it’s exposed to. You will also be able to set up and configure various parts of the system more securely, as well as search for potential threats.

+ Table of Contents

Getting Started
1 Course Introduction
2 About the Training Architect
3 How to Get Help
4 Prerequisites

Secure Access to the Apache Server
5 General Configuration and Setup Part 1
6 General Configuration and Setup Part 2
7 General Configuration and Setup Part 3
8 Securing Access to the Apache Web Server OS Part 1
9 Securing Access to the Apache Web Server OS Part 2

Apache Exploits, Attack Vectors, and Automation
10 Vulnerability Scans and Cloud Provider Policies Part 1
11 Vulnerability Scans and Cloud Provider Policies Part 2
12 Vulnerability Scans and Cloud Provider Policies Part 3
13 Apache Exploits and Attack Vectors Overview Part 1
14 Apache Exploits and Attack Vectors Overview Part 2
15 Writing Automated Scripts

Firewall
16 Firewall Configuration Part 1
17 Firewall Configuration Part 2
18 Firewall Configuration Part 3
19 Firewall Configuration Part 4
20 Firewall Configuration Part 5
21 Firewall Configuration Part 6

SELinux
22 SELinux Configuration Part 1
23 SELinux Configuration Part 2
24 SELinux Configuration Part 3
25 SELinux Configuration Part 4

Apache Modules
26 Module Management
27 Mod Security Part 1
28 Mod Security Part 2
29 Mod Evasive

Apache Directory Access
30 Directory Access Part 1
31 Directory Access Part 2
32 Directory Access Part 3

Check List
33 Apache Logs Part 1
34 Apache Logs Part 2
35 Apache Logs Part 3
36 Encryption Configuration Part 1
37 Encryption Configuration Part 2
38 Encryption Configuration Part 3
39 Encryption Configuration Part 4
40 DDoS Protection and Server Side Includes (SSI) Part 1
41 DDoS Protection and Server Side Includes (SSI) Part 2
42 Server Banner and Entity Tag (ETag)
43 HTTP Request Methods
44 Setting Up Cookie with `HttpOnly` and `Secure` Flag and X-XSS Protection
45 The Clickjacking Attack
46 Disabling HTTP 1.0 Protocol, HTTP Trace, Apache Following of Symbolic Links and `HostnameLookups`

Final Steps
47 What's Next