Apache is a very popular web server, and with that popularity comes a need to ensure its security. In this tutorial, we will show you how to harden and secure the Apache web server by installing and configuring mod_security and mod_evasive Apache modules.
Mod_security is a free web application firewall (WAF) Apache module that helps to protect your website from various attacks such as PHP and SQL injection attacks, cross-site scripting, path traversal attacks etc. Also, it allows for real-time analysis and HTTP traffic monitoring with little or no changes of the existing Apache configuration. Mod_evasive is an Apache module that helps to prevent server brute force attacks and HTTP DoS (DDoS) attacks. (more…)