•
Lastest patches from Apache
• Modify the default Apache HTTP
Response
• Only compile modules server
requires
• Running Apache in a chroot()
environment
• Do not run Apache as root (nobody**)
• Remove default HTML content,
include CGI
• Do not conf CGI support, remove
all sample CGI, Audit the remaining CGI & Logs, Ensure input
buffer, No Source-view, Directory Indexing
|