[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apache 1.3.33 (from sarge) and mod_chroot



On Thu, Mar 24, 2005 at 07:31:03AM +0100, Krzysztof J??wiak wrote:

> My web server was hacked a few days ago and I decided to install some 
> new program and modules which improve security.

  Good plan.

  Did you find the source of the attack?  If not you're at risk from
 a repeat of the previous one ..

> I find in sarge libapache-mod-chroot which chroot apache (and it work 
> fine) but I can't send mail from php.
> I installed ssmtp in chroot (I think so) in chroot environment but it 
> doesn't help :(

  I can't help you there, but I would suggest you look at mod-security,
 you can find it in Sarge.

  The homepage has lots of documentation, and it includes chroot
 functionality:

	http://www.modsecurity.org/

  There's a brief introduction here:

	http://www.debian-administration.org/?article=65

Steve
--



Reply to: