Time for another enhancement for the Apache web server. If you followed my other 2 Apache postings, you will have a secure web server configuration which has SSL enabled and is monitored by the mod_security application level firewall. Now it is time to setup the WebDAV module so that you can use your web server as an external file storage.
Now that the basic Apache configuration is working, let’s take some time to harden the installation. The module mod_security is really handy for this task. It is an application level firewall meaning that it will inspect incoming requests to the webserver and try to identify possible attacks like code injection, SQL injection and cross-site-scripting. As handy as this tool might be, it is not meant as a substitute for a secure PHP or Apache configuration, so you still need to take care not to open potential security holes there. If you followed my basic Apache and PHP setup you should be on the safe side, as the most exploited security holes have already been closed.
After setting up the mail system, I continued today with the basic webserver setup. This setup includes a basic Apache2 configuration with SSL and name based virtual hosts. PHP5 and MySQL5 are also needed for serving dynamic content.