Sfd hanoi2012 nguyen nang thang sfd-2012_chroot_apache
Download as ODP, PDF0 likes346 views
This document provides instructions for securing an Apache web server using a chroot jail on CentOS 5. It begins with an introduction to chroot jails and their purpose. It then outlines the objectives of building a chroot environment and securing Apache with chroot. The bulk of the document details the 7 steps to configure this: 1) Create a jail directory, 2) Install Apache, 3) Install the mod_chroot module, 4) Configure Apache mod_chroot, 5) Disable SELinux, 6) Patch the httpd init script, and 7) Start the chrooted httpd process. Diagrams and code snippets are provided to demonstrate each configuration step.
![S F D 2012 @ HUS
Securing an Apache Web Server using
Chroot
Nguyễn Năng Thắng
Fedora Ambassador Vietnam
HN Community Space, HanoiLUG, Ubuntu-vn
thangnguyennang1988 [at] gmail [dot] com
This presentation is licensed under a Creative Commons 2
Attribution-ShareAlike (CC-BY-SA) 3.0 license.](https://image.slidesharecdn.com/sfdhanoi2012nguyennangthang-sfd2012chrootapache-120918024213-phpapp01/85/Sfd-hanoi2012-nguyen-nang-thang-sfd-2012_chroot_apache-2-320.jpg)
Sfd hanoi2012 nguyen nang thang sfd-2012_chroot_apache
- 1. 2012
- 2. S F D 2012 @ HUS Securing an Apache Web Server using Chroot Nguyễn Năng Thắng Fedora Ambassador Vietnam HN Community Space, HanoiLUG, Ubuntu-vn thangnguyennang1988 [at] gmail [dot] com This presentation is licensed under a Creative Commons 2 Attribution-ShareAlike (CC-BY-SA) 3.0 license.
- 3. Chroot () environment Chroot jail Workshop 3
- 4. Chroot Environment chroot () environment? 4
- 6. Chroot Environment “chroot jail”? 6
- 7. Workshop 7
- 8. Objectives Building a chroot environment Securing an Apache Web Server using chroot Requirements Server: Apache Web Server Server OS: CentOS-5 Jail directory: chroot 8
- 9. TODO Step1. Create a jail directory Step2. Install Apache Step3. Install mod_chroot Step4. Configure Apache mod_chroot Step5. Disable SELinux Step6. Patch up /etc/init.d/httpd Step7. Start chrooted httpd 9
- 10. Step1. Create a jail directory 10
- 11. Step2. Install Apache 11
- 12. Install Apache Install required packages # httpd, httpd-devel, php ... Create required directory /chroot/var/www/html /chroot/var/run /chroot/tmp /chroot/home/httpd Notes /chroot/var/run: store PID ... (root.root) /chroot/tmp: used by many scripts ... (777/???) 12
- 13. Step3. Install mod_chroot 13
- 14. Install mod_chroot The mod_chroot project Download source code from the Internet Untar the source code Using apxs to compile and install the source code 14
- 15. Step4. Configure Apache mod_chroot 15
- 16. Step5. Disable SELinux 16
- 17. Step6. Patch up /etc/init.d/httpd 17
- 18. Step7. Start chrooted httpd 18
- 19. Thank you! 19
- 20. Questions? 20