Dan Egli
2014-10-14 07:09:12 UTC
Hey plug folks,
I was wondering if anyone had any good URLs for how-to's or FAQs that
explain how to run Apache in a chroot jail. I'm in process of going through
my server configuration and moving everything possible into a chroot jail
for the extra security. The way I figure it, if someone does manage to hack
into my SMTP server, or my IMAP server, or something like that, then at
worst they get access to whatever is in that location, but don't get access
to anything critical. I'm guessing it reduces the likelihood of someone
using my system as a jumping point for spam or other hacks.
I've got the basic setup worked out for my mail servers and my DNS server.
The only other open TCP port on this machine (besides 22 for ssh,
obviously) is http/80. I know Apache has a module for running things in a
chroot environment (mod_root?) but I've never used it, nor until just
recently tried to migrate things to a chroot environment. So I'm looking
for documents that show the process.
Any suggestions are welcome. Basically I'm trying to minimize the exposure
in case someone does try to hack me. :)
--- Dan
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
I was wondering if anyone had any good URLs for how-to's or FAQs that
explain how to run Apache in a chroot jail. I'm in process of going through
my server configuration and moving everything possible into a chroot jail
for the extra security. The way I figure it, if someone does manage to hack
into my SMTP server, or my IMAP server, or something like that, then at
worst they get access to whatever is in that location, but don't get access
to anything critical. I'm guessing it reduces the likelihood of someone
using my system as a jumping point for spam or other hacks.
I've got the basic setup worked out for my mail servers and my DNS server.
The only other open TCP port on this machine (besides 22 for ssh,
obviously) is http/80. I know Apache has a module for running things in a
chroot environment (mod_root?) but I've never used it, nor until just
recently tried to migrate things to a chroot environment. So I'm looking
for documents that show the process.
Any suggestions are welcome. Basically I'm trying to minimize the exposure
in case someone does try to hack me. :)
--- Dan
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/