PUBLIC MARKS with tags security & apache

We hope our disclosure has been as open as possible and true to the ASF spirit. Hopefully others can learn from our mistakes.

Nice.

chown

file

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.

This is a project to build a graphical rule editor for ModSecurity with a positive/whitelist approach.

SSL côté client Pour accéder à ce serveur, le client devra posséder un certificat authentifié par (c'est à dire signé ou crypté par la clé privée de) l'autorité de certification choisie. Pour produire un tel certificat au format PKCS#12

Providing Active Directory authentication via Kerberos protocol in Apache

Explique comment intégrer Kerberos dans un htaccess

Tutorial en français pour permettre à apache d'authentifier les gens sous Windows

BinarySEC is an intelligent web application firewall. It runs on Apache web server as a module . Its artificial intelligence engine learns normal traffic received on a website or any web application (provided it uses Apache) and is then able to stop suspicious HTTP requests. It has two modes : alert (suspicious traffic is just reported, not stopped) and blocking mode. The webmaster (or the admin) has the ability to make the AI engine learn normal traffic so that these requests' profiles generate no more false positives. After a few days, no more false alerts will appear, only suspicious traffic will have been blocked. BinarySEC is a relevant tool to harden a web application. A free trial is available on our website. It installs in a few minutes

mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.