[wplug] Securing apache + logs
Michael Semcheski
mhsemcheski at gmail.com
Sat Aug 9 03:27:06 EDT 2008
Apache 2 has been quite stable for a long time. No reason for you to run
Apache 1 unless you have some specific need for it.
Security wise, disable root login via ssh. You should probably try to
require an rsa key to login via ssh. Look at /etc/ssh/sshd_config.
As for analyzing logs, try webalizer.
On Fri, Aug 8, 2008 at 11:45 PM, Zach Uram <netrek at gmail.com> wrote:
> I finally got a VPS (I selected a Debian instance) and am going to run
> my webserver from there.
>
> I was wondering if there are any procs/cons with Apache vs Apache 2?
> Also what Apache modules should I consider installing?
>
> Besides running iptables as my firewall is there anything else I
> should do on the security end? The VPS handles security up to their
> routers but it is up to me to secure my VPS "machine".
>
> Also does anyone know of a nice Debian package that will let me check
> all Apache log files and see visitor IP, referrer, web brower type
> stats from a nice web interface? Ideally it will have a secure login,
> archive all stats and allow me to look at all historical stats from
> the web GUI, and support local and remote access.
>
> Zach
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wplug.org/pipermail/wplug/attachments/20080809/65539f81/attachment.html
More information about the wplug
mailing list