20 ways to Secure your Apache Configuration
Here are 20 things you can do to make your apache configuration more secure.
Disclaimer: The thing about security is that there are no guarantees or absolutes. These
suggestions should make your server a bit tighter, but don't think your server is
necessarily secure after following these suggestions.
Additionally some of these suggestions may decrease performance, or cause problems
due to your environment. It is up to you to determine if any of the changes I suggest are
not compatible with your requirements. In other words proceed at your own risk.
First, make sure you've installed latest security patches
There is no sense in putting locks on the windows, if your door is wide open. As such, if
you're not patched up there isn't really much point in continuing any longer on this list.
Go ahead and bookmark this page so you can come back later, and patch your server.
Hide the Apache Version number, and other sensitive information.