Apache Web Server Hardening

By Ermin

In this course, learn about Apache web server hardening and why it plays a crucial part in the process of running a web server.

19 hours
  • 64 Lessons
  • 16 Hands-On Labs

About the course

In this course, we teach Apache web server hardening and cover what web server hardening is and why it plays a crucial part in running a web server. We go over several configurations we can perform to help secure our Apache web server as much as possible. In addition, we talk about the different kinds of vulnerabilities Apache is susceptible to. Apache HTTP Server is a free, open-source web server that runs approximately 45% of today’s websites, which is why learning how to secure it properly is extremely important.

Web servers are in many cases located at the edges of networks, so they are exposed to attacks more frequently than other parts of networks. Web servers are always targeted with requests, both manually and automatically, through scripts. At the beginning of this course, we provide an introduction to web server hardening and teach how to properly install and configure an Apache server. All steps are performed on Centos7, but we could use the same commands for other Linux operating systems. Keep in mind that the installation process is precisely where the process of server hardening begins. It is very important to conduct a proper installation and configuration in order to protect the server and make it less vulnerable. Remember that the default settings are easily bypassed.

Moreover, we also cover how to configure a firewall correctly. We share some basic firewalld concepts and terms like:

  • zones
  • instances
  • firewalld commands
  • blacklists

Subsequently, we present several other topics. For example, we dive into Security-Enhanced Linux (SELinux) and see why it is important to use it with Apache and how it benefits us. SELinux represents mandatory access controls (MAC), allowing fine-grain access controls for resources such as files, devices, networks, and inter-process communication. In many cases, administrators disable SELinux because it causes complications with Apache, and there is not enough time to configure everything correctly in the system. This usually results in decreased security.

Some practical skills this course imparts are how to create automated scripts, manage apache directory access, perform log examination, and exploit a server using a well-known vulnerability: ShellShock. Automated scripts enable us to automatically perform server and SELinux checks, which is necessary when handling thousands or even millions of Apache instances at once. We create our own automated script for our needs, but we can always incorporate scripts written by others as well. We also create a capture file using the tcdump tool so we can recognize if there’s anything suspicious going on in the system. If something suspicious is detected, we will then inspect the traffic in Wireshark.

We also cover information over logs. Logging is essential in any system. We share how to configure our own log level for both general and specific traffic. By the end of this course, you will have a better understanding of the Apache server and be more aware of the dangers it’s exposed to. You will also be able to set up and configure various parts of the system more securely, as well as search for potential threats.

Course Diagram

What you will need

  • * Basic previous knowledge and experience working with Apache Web Server. * Basic previous knowledge and experience working with Bash scripts. * Basic understanding of firewalls. * Basic understanding of mandatory and discretionary access controls.

What are Hands-on Labs

What's the difference between theoretical knowledge and real skills? Practical real-world experience. That's where Hands-on Labs come in! Hands-on Labs are guided, interactive experiences that help you learn and practice real-world scenarios in real cloud environments. Hands-on Labs are seamlessly integrated in courses, so you can learn by doing.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!
Thanks for reaching out!

You’ll hear from us shortly. In the meantime, why not check out what our customers have to say about ACG?