This is the Title of the Book, eMatter Edition
Copyright © 2005 O’Reilly & Associates, Inc. All rights reserved.
Installation and Configuration
Installation is the first step in making Apache functional. Before you begin, you
should have a clear idea of the installation’s purpose. This idea, together with your
paranoia level, will determine the steps you will take to complete the process. The
system-hardening matrix (described in Chapter 1) presents one formal way of deter-
mining the steps. Though every additional step you make now makes the installa-
tion more secure, it also increases the time you will spend maintaining security.
Think about it realistically for a moment. If you cannot put in that extra time later,
then why bother putting the extra time in now? Don’t worry about it too much,
however. These things tend to sort themselves out over time: you will probably be
eager to make everything perfect in the first couple of Apache installations you do;
then, you will likely back off and find a balance among your security needs, the effort
required to meet those needs, and available resources.
As a rule of thumb, if you are building a high profile web server—public or not—
always go for a highly secure installation.
Though the purpose of this chapter is to be a comprehensive guide to Apache instal-
lation and configuration, you are encouraged to read others’ approaches to Apache
hardening as well. Every approach has its unique points, reflecting the personality of
its authors. Besides, the opinions presented here are heavily influenced by the work
of others. The Apache reference documentation is a resource you will go back to
often. In addition to it, ensure you read the Apache Benchmark, which is a well-
documented reference installation procedure that allows security to be quantified. It
includes a semi-automated scoring tool to be used for assessment.
The following is a list of some of the most useful Apache installation documentation
I have encountered:
• Apache Online Documentatio