At SearchSecurity.com, Mike Chapple, CISSP writes about some basic steps for securing Apache

A recent study conducted by the market research firm IDC estimates that one-third of the server market will consist of Linux systems by the year 2008. With the growing trend toward Linux deployments, we’re seeing a corresponding increase in the number of Web sites running on the Linux-based Apache Web server. If you’re running Apache in your environment or are considering its implementation, you’ll benefit from these five Apache security tips:

* Verify your distribution. Don’t assume that a Google search will turn up an appropriate Apache distribution. When you need to download the latest release, be sure to obtain it through an authorized mirror site. Even that’s not enough, however. In fact, an attacker once managed to compromise the apache.org site itself. Therefore, it’s critical that you use a tool like PGP to verify the digital signature of the release…

[Continue reading Basic steps for securing Apache]