Folks,
I've never implemented a secure server before - and I now have a project
for it - It will be an Apache 1.3 environment tuned with PHP and MySQL
- and I'd appreciate any comments/advice/note from folk who have done
similar. I have my application working fine in a non-SSL environment
and believe the switch-over should not be too difficult. But...
Can someone confirm the following:
My LAMP (Linux, Apache, MySQL and PHP) sit all on the same server - I
only require SSL between client and server therefore I believe I do not
need to tune PHP/MySQL - true/false?
I have the following modules compiled in my Apache httpd
Compiled-in modules:
http_core.c
mod_vhost_alias.c
mod_env.c
mod_log_config.c
mod_mime.c
mod_negotiation.c
mod_include.c
mod_dir.c
mod_cgi.c
mod_actions.c
mod_alias.c
mod_access.c
mod_auth.c
mod_unique_id.c
mod_so.c
mod_setenvif.c
mod_ssl.c
mod_php4.c
suexec: enabled; valid wrapper /opt/apache/bin/suexec
I believe I have everything I need already compiled in - true/false?
Is it sufficient for me just to edit the my httpd.conf file under the
heading 'SSL Virtual Host Context' and tune accordingly?
Since my server sits behind an external firewall, and since the only
services will be ssh and apache listening, would one consider that
reasonably secure? Can anyone recommend any other steps I might consider?
Since Apache/PHP sit on the same server as MySQL I plan on having them
use sockets (pipes?) and not tcp/ip port 3306 - I've not done this
before either but believe it gives added security and performance
benifits - Can anyone offer advice/comments on this?
Help, via the newsgroup for all to learn/share would be greatly appreciated,
Thanks
randelld 2 1977
Randell D. wrote: Folks,
I've never implemented a secure server before - and I now have a project for it - It will be an Apache 1.3 environment tuned with PHP and MySQL - and I'd appreciate any comments/advice/note from folk who have done similar. I have my application working fine in a non-SSL environment and believe the switch-over should not be too difficult. But...
Can someone confirm the following:
My LAMP (Linux, Apache, MySQL and PHP) sit all on the same server - I only require SSL between client and server therefore I believe I do not need to tune PHP/MySQL - true/false?
I have the following modules compiled in my Apache httpd Compiled-in modules: http_core.c mod_vhost_alias.c mod_env.c mod_log_config.c mod_mime.c mod_negotiation.c mod_include.c mod_dir.c mod_cgi.c mod_actions.c mod_alias.c mod_access.c mod_auth.c mod_unique_id.c mod_so.c mod_setenvif.c mod_ssl.c mod_php4.c suexec: enabled; valid wrapper /opt/apache/bin/suexec
I believe I have everything I need already compiled in - true/false?
Is it sufficient for me just to edit the my httpd.conf file under the heading 'SSL Virtual Host Context' and tune accordingly?
Since my server sits behind an external firewall, and since the only services will be ssh and apache listening, would one consider that reasonably secure? Can anyone recommend any other steps I might consider?
Since Apache/PHP sit on the same server as MySQL I plan on having them use sockets (pipes?) and not tcp/ip port 3306 - I've not done this before either but believe it gives added security and performance benifits - Can anyone offer advice/comments on this?
Help, via the newsgroup for all to learn/share would be greatly appreciated,
Thanks randelld
The only "outside" traffic will be between the users browser and Apache
- on port 443. The "conersations" between Apache, PHP and Mysql should
all be internal to the system. You just have to make sure your pages
are all redirected to port 443. (https).
Michael Austin.
Michael Austin wrote: Randell D. wrote:
Folks,
I've never implemented a secure server before - and I now have a project for it - It will be an Apache 1.3 environment tuned with PHP and MySQL - and I'd appreciate any comments/advice/note from folk who have done similar. I have my application working fine in a non-SSL environment and believe the switch-over should not be too difficult. But...
Can someone confirm the following:
My LAMP (Linux, Apache, MySQL and PHP) sit all on the same server - I only require SSL between client and server therefore I believe I do not need to tune PHP/MySQL - true/false?
I have the following modules compiled in my Apache httpd Compiled-in modules: http_core.c mod_vhost_alias.c mod_env.c mod_log_config.c mod_mime.c mod_negotiation.c mod_include.c mod_dir.c mod_cgi.c mod_actions.c mod_alias.c mod_access.c mod_auth.c mod_unique_id.c mod_so.c mod_setenvif.c mod_ssl.c mod_php4.c suexec: enabled; valid wrapper /opt/apache/bin/suexec
I believe I have everything I need already compiled in - true/false?
Is it sufficient for me just to edit the my httpd.conf file under the heading 'SSL Virtual Host Context' and tune accordingly?
Since my server sits behind an external firewall, and since the only services will be ssh and apache listening, would one consider that reasonably secure? Can anyone recommend any other steps I might consider?
Since Apache/PHP sit on the same server as MySQL I plan on having them use sockets (pipes?) and not tcp/ip port 3306 - I've not done this before either but believe it gives added security and performance benifits - Can anyone offer advice/comments on this?
Help, via the newsgroup for all to learn/share would be greatly appreciated,
Thanks randelld The only "outside" traffic will be between the users browser and Apache - on port 443. The "conersations" between Apache, PHP and Mysql should all be internal to the system. You just have to make sure your pages are all redirected to port 443. (https).
Michael Austin.
Thanks This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Mike |
last post by:
I am sure that I am making a simple boneheaded mistake and I would
appreciate your help in spotting in. I have just installed
apache_2.0.53-win32-x86-no_ssl.exe
php-5.0.3-Win32.zip...
|
by: Grant Collins |
last post by:
Hi
I am writing a web based application as part of a small project that I
am undertaking using servlets beans and jsp.
I already have one servlet - bean - jsp page working and I have
written...
|
by: ptaz |
last post by:
Hi I'm trying to run a web page but I get the following error. Ca
anyone please tell me a solution to this.
Thanks
Ptaz
HTTP Status 500 -
type Exception report
|
by: Alex Madon |
last post by:
Hello,
I am testing a web application (using the DBX PHP function to call a
Postgresql backend).
I have 375Mb RAM on my test home box.
I ran ab (apache benchmark) to test the behaviour of the...
|
by: zhenya.tkachenko |
last post by:
Hi!
Have a problem with mod_auth_mysql.
Compilation and installation of module done ok:
# /usr/local/apache/bin/apxs -c -L/usr/lib/mysql -I/usr/include/mysql
-lmysqlclient -lm -lz...
|
by: MaiyaHolliday |
last post by:
Hello,
I've recently installed apache on a new computer, and cannot figure out why my site will not process any includes. (it was working on my old one) There are no errors on the page such as...
|
by: amanjsingh |
last post by:
Hi, I am trying to implement Java Web Service using Apache Axis2 and Eclipse as a tool. I have created the basic code and deployed the service using various eclipse plugin but when I try to invoke...
|
by: rsrinivasan |
last post by:
Hi All,
When i run my JSP program, ihave the following exception. How i solve this problem?
HTTP Status 500 -
...
|
by: josequinonesii |
last post by:
I've searched, I've read, I've tested and re-read numerous post but to no avail yet...
Quite simply, the settings I've applied to my httpd.conf, httpd-vhost.conf and my hosts files simply does not...
|
by: ramprakashjava |
last post by:
sorry still that error exist , how to avoid this deprecated method overriding
in my netbeans !
In Bundled tomcat log it shows
Dec 30, 2009 9:03:45 PM...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |