I have an OpenBSD server that has a running webserver (the built-in apache web srv).
How can I harden this setup? I want to only server static html files, no php, no sql.
networkingopenbsdwebserver
I have an OpenBSD server that has a running webserver (the built-in apache web srv).
How can I harden this setup? I want to only server static html files, no php, no sql.
Best Answer
If you're only serving static files, you don't need modify the config. The defaults are secure. Anyway, the OpenBSD FAQ is your friend, particularly the section about apache+chroot.
In the future, nginx will probably replace apache in base.