This document summarizes an advanced Apache web server training session covering security and performance tuning. The key points discussed include: 1) Methods for securing an Apache server such as restricting access, disabling unneeded server technologies, running as a non-root user, using firewalls and encryption. 2) Configuring password-based authentication for protected directories using modules like mod_auth and storing passwords in text files created by the htpasswd utility. 3) An exercise where attendees set up password protection on their local Apache server website using a .htaccess file and htpasswd. 4) Restricting access to protected directories by IP, hostname or domain using directives in httpd.conf or .