2.2.5. Securing the Apache HTTP Server
The Apache HTTP Server is one of the most stable and secure services that ships with Fedora. A large number of options and techniques are available to secure the Apache HTTP Server — too numerous to delve into deeply here. The following section briefly explains good practices when running the Apache HTTP Server.
System administrators should be careful when using the following configuration options (configured in /etc/httpd/conf/httpd.conf
):
Important
Do not remove the
IncludesNoExec
directive. By default, the
Server-Side Includes (
SSI) module cannot execute commands. It is recommended that you do not change this setting unless absolutely necessary, as it could, potentially, enable an attacker to execute commands on the system.