apache security

I have a file on my apache server which i do not want the public to access. I have a couple of IP addresses that will be needing the file, hence i…

Is password protecting a directory with .htaccess the best way to prevent its files from being seen by unauthorized users? Are there any…

I need to disable that indexing when I enter on my root directory on a apache2 server, any tips?

I have a facebook application that I built as an FBML app. Recently I noticed that FBML is depricated and that Facebook now recommends only iframe…

I try to configure my Apache .conf file to deny listing from a certain category, but I want to allow a specific file inside this category. It…

I figure this can be accomplished with htaccess but I'm not sure how. Payment processors of our site has a generic response handler that determines…

Since our shared hosting server doesn't allow us to setup Tomcat I decided to install it on our local machine. The local Tomcat server allows us to…

I'm implementing mod_security on an apache server. In order to test the effectiveness of the protection, I am looking for a client that can generate…

Hi, I'm currently setting up apache on a linux server and need to create a new user which can log in and only edit files in a particular directory.…

I don't mean to question the well established security precaution of putting apache in a chroot-jail in most scenarios but in my scenario I have…

I was wondering if I should set up a secure connection for the db administration application (phpmyadmin) for my sites. They don't store credit…

Hi, I have a server running Centos 5.6/PHP/MySQL etc that will only host one website all the time. New question Is there any security implication on…

For the sake of discussion, pretend that I have an Apache webserver which serves a website at www.example.org. This domain name resolves to the…

I maintain a website that shows a google maps map with a bunch of annotations. These annotations are fetched using JQuery Ajax from a PHP page which…

I'm currently administrating a Gentoo server hosting a few dozen websites for friends and people with common interests. I may be moving to a new…

Many times google alert me that abuse content or phising is installed in my website example.com But looking about it there is nothing on my public…

I'm building a site in which users can upload photos, and they can mark them as private, so no one can see them. I know how to use an ACL-based…

On my site I need to throttle user requests for various reasons: Prevent overquerying of database or 3rd party apis Prevent spam Preventing others…

I refered to this question . The patch suggested in the accepted solution, essentially always permits OPTIONS and PROPFIND at / My question is -…

A quick run through of what I've done: apt-get install libapache-mod-security a2enmod mod-security create /etc/apache2/mod_security_rules/ with…