ModSecurity

“ModSecurity is a toolkit for real-time web application monitoring, logging, and access control.”

The Apache HTTP Server is designed to be a powerful and flexible web server.  What makes Apache so flexible is its modular design.  This design allows the webmaster to choose which features to include by selecting which modules the server will load at run-time (or compile-time), view the complete list and module summary at the Module Index webpage.  Modules provide additional functionality, like URL rewriting to improve the usability and search friendliness of your site, not to mention SSL encryption support.  There are a number of common modules loaded by the server’s configuration file (httpd.conf), by using the LoadModule directive modifications can be applied to load (by uncommenting) any available module.  Many additional modules (or “mods”) are available to extend Apache’s core functionality for your site’s particular needs or purposes.  Apache modules are developed by the Apache Foundation and are part of the core distribution, known as First party.  There are some great resources for Third party modules to help you implement features not available in the core distribution; like Apache Lounge which I highly recommend.

Finally you’ll need to determine which modules to load within the configuration to meet the demands of your particular needs.  Sufficient memory resources are an important function of good server performance so you’ll want to exclude modules not being utilized, this will impact overall memory usage.  Disabling modules is simply a matter of commenting out the associated LoadModule directive for that particular module.  Experiment by removing specific modules and monitoring your site’s performance and function, the true test is – is their absence missed?

If you are trying to tighten up your Apache security why not start with mod_security?

Take a trip over here to learn about ModSecurity, then batten down the hatches!

moorescode