Apache Security

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X]

man-in-the-middle (MITM) attacks

MaxClients directive maximum clients, limiting 2nd

MaxRequestsPerChild directive MaxSpareServers directive

MaxSpareThreads directive MD5 (Message Digest Algorithm 5) hash function

md5sum hash computing tool

Message Digest algorithm 5 (MD5) hash functions message digest functions

MinSpareServers directive MinSpareThreads directive MITM (man-in-the-middle) attacks

mod_access network access control module

mod_auth module 2nd

mod_auth_dbm module

mod_auth_digest module     required for Digest authentication

mod_auth_ldap module

mod_bwshare traffic-shaping module mod_cgi module

mod_dosevasive DoS defense module mod_fastcgi module 2nd

mod_forensics module

mod_headers module 2nd mod_include module

mod_info module

mod_limitipconn traffic-shaping module

mod_log_config module

     default logging done through

mod_log_sql module

mod_logio module

mod_parmguard module

mod_perchild module versus Metux MPM

mod_php module

mod_proxy module

mod_rewrite module

     map file

     mass virtual hosting deployment     symbolic link effect mod_security firewall module 2nd [See also WAFs]

     actions

         per-rule     anti-evasion features

     Apache 2 performance measurement

     basic configuration

     byte-range restriction

     changing identity server header field

     complex configuration scenarios

     configuration advice 2nd         activation time

         Apache integration         event monitoring

         memory consumption         per-context configuration

         performance impact

     dynamic requests, restriction to     encoding-validation features

     file upload interception and validation     installation     logging

     positive security model, deploying

     preventing sensitive handler use

     request body monitoring

     request processing order     response body monitoring

     rule engine flexibility

         extended variables         standard variables

     scope mod_setenvif module 2nd

mod_ssl module

     custom format strings for logging mod_status module

     server status monitoring

     unreliability of

mod_throttle traffic-shaping module

mod_unique_id module

mod_userdir module

mod_vhost_alias module

mod_watch third-party monitoring module

modules

     access set in options directive

    Apache

         default activation list

         installation, selecting

         module repository     compiled-in, listing     intermodule communication (notes)

     isolation of

     logging, special     mod_access

     mod_auth 2nd

     mod_auth_dbm

     mod_auth_digest

     mod_auth_ldap

     mod_bwshare

     mod_cgi     mod_dosevasive

     mod_fastcgi     mod_forensics

     mod_headers 2nd     mod_include

     mod_info

     mod_limitipconn     mod_log_config

     mod_log_sql     mod_logio     mod_parmguard

     mod_perchild

     mod_php

     mod_proxy

     mod_rewrite     mod_security

     mod_setenvif 2nd

     mod_ssl     mod_status

     mod_throttle     mod_unique_id

     mod_userdir

     mod_vhost_alias     mod_watch third-party monitoring

     MPMs

     multiple authentication, combining

    PHP

         choosing

         installation as

     posix

monitoring

     events

         periodic reporting

         rules for

         SEC

         Swatch

     file integrity         Tripwire integrity checker     networks

         external

         intrusion detection, HTTP traffic and         Nagios and OpenNMS tools

         recommended practices

     real-time, gone bad

     web server status

         graphing

         mod_status module 2nd

         mod_watch third-party module         RRDtool

         scripts for         SNMP

         statistics, fetching and storing