Apache compilation (security options)
Some months ago I had to compile the Apache server for the CALTER webGIS and it was a bit tricky because it needed an external module called mod_security and the version 2.0 refused to work (come GCC 4.1 problem if I recall). This is a some how compilation with security on mind
./configure --prefix=/usr/local/apache2 --with-mpm=prefork --disable-charset-lite --disable-include --disable-env --enable-setenvif --disable-autoindex --disable-asis --disable-cgi --disable-negotiation --disable-imap --disable-actions --disable-userdir --disable-alias --disable-so --enable-ssl --enable-modules=acess --enable-module=log_config --enable-module=dir --enable-module=auth --enable-unique_id --enable-usertrack --enable-proxy --enable-proxy-http --with-module=prox y:modules/proxy/modsecurity-apache_1.9.4/apache2/mod_security.c --enable-securi ty --enable-so --enable-rewrite
The setenvif should had been disable, but it in the end was necessary, If I recall it was PHP that was in need.
The mod_security has to be unpacked to the directory /modules/proxy and also the the Apache needs to be compile with the --enable-proxy-http
The modules are all statically linked, initially I wanted everything statically so there was no load modules options but I didn't managed to statically compile PHP in Apache2.
0 Comments:
Post a Comment
<< Home