[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Securing apache

> I'm curious how many here enable the testing repo so they can run
> apache 2.4, which apparently is a bit more secure? If so, any
> gotchas or things to be aware of?

I didn't check, but I would be surprised if it was possible to only
install Apache 2.4 from testing without upgrading half of your system.
What you need is a backport -- Apache 2.4 compiled against the library
versions available in wheezy. Currently, there is no official backport.

> Am I correct that according to the debian way, this is already
> enabled, due to:
> /etc/apache2/mods-enabled/header.load containing:

Correct. You can use a2enmod and a2dismod to enable and disable Apache
modules. Global module configuration should generally go into the
mods-enabled/*.conf file, but in this case I would only add it to the
appropriate VirtualHost section.

Americans have a better life.
[Agree]   [Disagree]

Attachment: signature.asc
Description: Digital signature

Reply to: