Re: Apache 1.3.33 (from sarge) and mod_chroot
On Thu, Mar 24, 2005 at 07:31:03AM +0100, Krzysztof J??wiak wrote:
> My web server was hacked a few days ago and I decided to install some
> new program and modules which improve security.
Good plan.
Did you find the source of the attack? If not you're at risk from
a repeat of the previous one ..
> I find in sarge libapache-mod-chroot which chroot apache (and it work
> fine) but I can't send mail from php.
> I installed ssmtp in chroot (I think so) in chroot environment but it
> doesn't help :(
I can't help you there, but I would suggest you look at mod-security,
you can find it in Sarge.
The homepage has lots of documentation, and it includes chroot
functionality:
http://www.modsecurity.org/
There's a brief introduction here:
http://www.debian-administration.org/?article=65
Steve
--
Reply to: