Advance Apache Security – mod_proxy,mod_security and mod_evasive

Earlier to this post we have talked ’bout apache server installation for best performance and securing the server using tcp wrappers and iptables filrewall, let’s take the whole discussion one step further and talk ’bout application security hosted on your web server.

As more and more attacks are being carried out over the HTTP layer there is a growing need to push the envelope and bring Web security to new levels. Most existing tools work on the TCP/IP level, failing to use the specifics of the HTTP protocol in their operation. The need for increased security has lead to the creation of application gateways, tools that are essentially reverse proxies with the added capability of protocol analysis. Apache web server it self provides solution of the problem to a great extent, provided it’s loaded with some specific modules. (more…)

Configure Linux Box as Internet Gateway

My last few post were ’bout Linux firewall and Network address translation using iptables. For me iptables is a very dynamic tool to configure things with Linux box, like free Linux firewall, transparent proxy and Linux router to share internet connection. So this post is ’bout configuring Linux box as a secure and safe internet gateway using iptables and squid.

You don’t need a hi-fi machine for the task, any low end machine could do good enough with two Network Interface Card installed on it. I’m always comfortable with fedora core so i used it again however any destro could do but then the steps here might need same changes, anyways i’ve used fedora core 6 i.e. latest kernel with iptables support. Once installed you are ready to configure Linux router on the system. (more…)