PUBLIC MARKS from camel with tags apache & install

This article explains how you can install and configure apache2-mpm-peruser on a Debian Etch server. apache2-mpm-peruser is an MPM (Multi-Processing Module) for the Apache 2 web server, very similar to apache2-mpm-itk, but faster (almost as fast as apache2-mpm-prefork). mpm-peruser allows you to run each of your vhosts under a separate UID and GID - in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts. It is based on metuxmpm, a working implementation of the perchild MPM. The result is a sane and secure web server environment for your users, without kludges like PHP's safe_mode.

This article shows how to install and configure ModSecurity (version 2) for use with Apache2 on a Debian Etch system. ModSecurity is an Apache module that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

mod_defensible is an Apache 2.x module intended to block spammers/hackers/script kiddies using DNSBL servers. It will look at the client IP and check it in one or several DNSBL servers and return a 403 Forbidden page to the client. This guide shows how to install and use it with Apache 2 on a Debian Etch server.

In this tutorial I will describe how to install and configure mod_cband on an Apache2 web server. mod_cband is an Apache 2 module which provides bandwidth quota and throttling. It solves the problem of limiting users' and virtualhosts' bandwidth usage. The current version can set virtualhosts' and users' bandwidth quotas, maximal download speed, requests-per-second speed and the maximal number of simultanous IP connections.

Lighttpd, sometimes pronounced "Lighty", is a lightweight HTTP server that can help alleviate Apache's load by serving static content. Since Lighttpd uses less resources per request than Apache, it generally serves most static content faster than Apache. This tutorial shows how to install Lighttpd behind Apache via Apache´s proxy module.

Pound is a reverse-proxy load balancing server. It accepts requests from HTTP / HTTPS clients and distributes them to one or more Web servers. The HTTPS requests are decrypted and passed to the back-ends as plain HTTP. It will act as: a) Server load balancer b) Reverse proxy server c) Apache reverse proxy etc d) It can detects when a backend server fails or recovers, and bases its load balancing decisions on this information: if a backend server fails, it will not receive requests until it recovers e) It can decrypts https requests to http ones f) Rejects incorrect requests h) It can be used in a chroot environment (security feature)

In this article I describe how to install and setup the Cacti in a ISPConfig Server. There aren't many differences from installing in other ISP Managers or standalone Apache installations. I tried many others solutions, but Cacti is very simple and fast to implement.

Secure PHP installation - Lorenzo Alberton