Find the answer to your Linux question:
Results 1 to 2 of 2
Any tips for securing and increasing the speed of apache? All I need is the pure basics. My current Setup: APACHE: Compile: Code: ./configure --prefix=/usr/local/apache2 --with-mpm=prefork --enable-mods-shared='rewrite ssl' --enable-rewrite --enable-ssl ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2008
    Posts
    2

    Optimizing/Securing Apache & PHP


    Any tips for securing and increasing the speed of apache? All I need is the pure basics.


    My current Setup:

    APACHE:
    Compile:
    Code:
    ./configure --prefix=/usr/local/apache2 --with-mpm=prefork --enable-mods-shared='rewrite ssl' --enable-rewrite --enable-ssl --with-ssl --disable-env --disable-status --disable-autoindex --disable-cgi --disable-userdir --disable-actions --disable-asis --enable-deflate --enable-so
    Compiled in modules:
    core.c
    mod_authn_file.c
    mod_authn_default.c
    mod_authz_host.c
    mod_authz_groupfile.c
    mod_authz_user.c
    mod_authz_default.c
    mod_auth_basic.c
    mod_filter.c
    mod_log_config.c
    prefork.c
    http_core.c
    mod_mime.c
    mod_dir.c
    mod_actions.c
    mod_alias.c
    mod_so.c


    httpd.conf
    Code:
    ServerRoot "/usr/local/apache2"
    Listen 80
    LoadModule php5_module	modules/libphp5.so
    LoadModule rewrite_module modules/mod_rewrite.so
    LoadModule deflate_module modules/mod_deflate.so
    <IfModule !mpm_netware_module>
    <IfModule !mpm_winnt_module>
    User daemon
    Group daemon
    </IfModule>
    </IfModule>
    ServerAdmin admin@domain.org
    ServerName domain.org:80
    DocumentRoot "/www"
    UseCanonicalName Off 
    ServerSignature Off 
    HostnameLookups Off 
    ServerTokens Prod  
    PidFile /usr/local/apache2/logs/httpd.pid 
    ScoreBoardFile /usr/local/apache2/logs/httpd.scoreboard 
    Timeout 300 
    KeepAlive On 
    MaxKeepAliveRequests 100 
    KeepAliveTimeout 15 
    <IfModule prefork.c> 
    	MinSpareServers 5 
    	MaxSpareServers 10 
    	StartServers 5 
    	MaxClients 150 
    	MaxRequestsPerChild 0 
    </IfModule> 
    <IfModule mod_deflate.c>
    SetOutputFilter DEFLATE
    SetInputFilter DEFLATE
    AddOutputFilterByType DEFLATE application/x-httpd-php application/x-httpd-fastphp application/x-httpd-eruby text/html 
    DeflateFilterNote ratio
    DeflateCompressionLevel 3
    </IfModule>
    <Directory />
    	Options None
    	AllowOverride None
    	Order deny,allow
    	Deny from all
    </Directory>
    <Directory /www>
    	Options None
    	AllowOverride None
    	Order deny,allow
    	Deny from all
    </Directory>
    <Directory "/www/domain.org/html">
    	Options All
    	AllowOverride All
    	Order allow,deny
    	Allow from all
    SetOutputFilter DEFLATE
    SetInputFilter DEFLATE
    AddOutputFilterByType DEFLATE application/x-httpd-php application/x-httpd-fastphp application/x-httpd-eruby text/html
    </Directory>
    <IfModule dir_module>
    	DirectoryIndex index.php index.html
    </IfModule>
    <FilesMatch "^\.ht">
    	Order allow,deny
    	Deny from all
    	Satisfy All
    </FilesMatch>
    ErrorLog "logs/error_log"
    LogLevel debug
    <IfModule log_config_module>
    	LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    	LogFormat "%h %l %u %t \"%r\" %>s %b" common
    	<IfModule logio_module>
    	  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    	</IfModule>
    	CustomLog "logs/access_log" common
    </IfModule>
    <IfModule alias_module>
    	ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"
    </IfModule>
    <IfModule cgid_module>
    </IfModule>
    <Directory "/usr/local/apache2/cgi-bin">
    	AllowOverride None
    	Options None
    	Order allow,deny
    	Allow from all
    </Directory>
    DefaultType text/plain
    <IfModule mime_module>
    	TypesConfig conf/mime.types
    	AddType application/x-compress .Z
    	AddType application/x-gzip .gz .tgz
    	AddType application/x-httpd-php .php
    </IfModule>
    NameVirtualHost domain.org:80
    <VirtualHost domain.org:80>
    	DocumentRoot "/www/domain.org/html"
    	ServerName "domain.org"
    	ServerAlias "domain.org"
    	ErrorLog /www/domain.org/logs/error_log
    	CustomLog /www/domain.org/logs/access_log combined
    </VirtualHost>
    <IfModule ssl_module>
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    </IfModule>
    PHP:
    Compile:
    Default

    php.ini
    Code:
    engine = On
    zend.ze1_compatibility_mode = Off
    short_open_tag = On
    asp_tags = Off
    precision	=  14
    y2k_compliance = On
    output_buffering = 4096
    zlib.output_compression = Off
    implicit_flush = Off
    unserialize_callback_func=
    serialize_precision = 100
    allow_call_time_pass_reference = Off
    safe_mode = On
    safe_mode_gid = Off
    safe_mode_include_dir =
    safe_mode_exec_dir =
    safe_mode_allowed_env_vars = PHP_
    safe_mode_protected_env_vars = LD_LIBRARY_PATH
    disable_functions = phpinfo,dir,readfile,shell_exec,exec,virtual,passthru,proc_close,proc_get_status
    ,proc_open,proc_terminate,syste
    disable_classes = ni_get(), phpinfo(), shell_exec(), popen()
    expose_php = Off
    max_execution_time = 30; Maximum execution time of each script, in seconds
    max_input_time = 60; Maximum amount of time each script may spend parsing request data
    memory_limit = 16M	; Maximum amount of memory a script may consume
    error_reporting  =  E_ALL
    display_errors = Off
    display_startup_errors = Off
    log_errors = On
    log_errors_max_len = 1024
    ignore_repeated_errors = Off
    ignore_repeated_source = Off
    report_memleaks = On
    track_errors = Off
    variables_order = "EGPCS"
    register_globals = Off
    register_long_arrays = Off
    register_argc_argv = Off
    auto_globals_jit = On
    post_max_size = 8M
    magic_quotes_gpc = Off
    magic_quotes_runtime = Off
    magic_quotes_sybase = Off
    auto_prepend_file =
    auto_append_file =
    default_mimetype = "text/html"
    doc_root =
    user_dir =
    extension_dir = "/usr/lib/php/modules"
    enable_dl = On
    file_uploads = Off
    upload_max_filesize = 20M
    allow_url_fopen = On
    default_socket_timeout = 60

  2. #2
    Linux Newbie
    Join Date
    Apr 2008
    Location
    India
    Posts
    170
    compile Mod_ security and Mod_evasive with apache will also keep your server secure.

    Regards
    David Anand
    -->Success is the list of failures ...!!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •