The Apache Haus Forum

Advanced search  

News:

Welcome to Apache Haus Distribution Forum

Pages: [1] 2 3 ... 10
 1 
 on: April 29, 2021, 07:18:09 PM 
Started by Gregg - Last post by Gregg
This release is a bug fix & stability release.

This release includes:
APR Version:        1.7.0
APU Version:        1.6.1
Brotli Version:    1.0.7
Jansson Version:    2.13.1
Libcurl Version:   7.76.1
LibXML2 Version:    2.9.10
LUA Version:        5.2.4
NGHTTP2 Version:    1.43.0
OpenSSL Version:    1.1.1k or LibreSSL 3.2.5
PCRE Version:       8.44
SQLite3 Version:    3.35.5
ZLib Version:       1.2.10

You can get your copy of the new Apache HTTP Server from our download page.

Change Log for Apache 2.4.47

 2 
 on: April 27, 2021, 09:57:52 AM 
Started by ErrorReporter - Last post by mario
Further to Greggs' reply, it is recommended to turn that of for OpenSSL in the apache settings

SSLCompression Off

 3 
 on: April 27, 2021, 09:55:37 AM 
Started by carlosdb - Last post by mario
Yes you can use it in production. A lot of people do that, including me.

I only tweak the SSL config and some security headers.

Code: [Select]
Header always set Strict-Transport-Security "max-age=15553000; preload"
SSLUseStapling On
SSLSessionCache shmcb:C:/Windows/Temp/ssl_gcache_data(512000)
SSLStaplingCache shmcb:C:/Windows/Temp/ssl_stapling_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384

SSLOpenSSLConfCmd ECDHParameters secp521r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1

H2Direct On

SSLOpenSSLConfCmd SignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256
SSLOpenSSLConfCmd ClientSignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256

Code: [Select]
<IfModule mod_headers.c>
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-XSS-Protection "1; mode=block"
    Header always set Expect-CT "max-age=86400, enforce"
Header always set Feature-Policy "geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'"
    Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' data:; font-src 'self' 'unsafe-inline' fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval';"
    Header always set Access-Control-Allow-Origin "*"
    Header always set X-Content-Type-Options nosniff
</IfModule>

 4 
 on: April 26, 2021, 10:12:55 PM 
Started by ErrorReporter - Last post by Gregg
LibreSSL has removed that option since it was used in the CRIME attack against TLS.
So "Setting Compression mode unsupported; not implemented by the SSL library" is not a bug.

 5 
 on: April 26, 2021, 05:12:34 PM 
Started by ErrorReporter - Last post by ErrorReporter
Hello! I think I find a bug...
When I use httpd-2.4.46-lre325-x64-vs16 I got error "Setting Compression mode unsupported; not implemented by the SSL library"
With version httpd-2.4.46-o111k-x64-vc15/httpd-2.4.46-o111j-x64-vc15 no errors.

 6 
 on: April 26, 2021, 12:20:53 PM 
Started by carlosdb - Last post by carlosdb
Hello community!!

This is my very first post on this forum, I came across to this site to figure out what's the best option for a personal project I'm running. My question is if I can use Apache Haus for an application that is running in production and if it comes with enough security configuration applied in order to run my site safely.

I have explored the possibility to use IIS but I read performance issues, so it would be nice to know a bit more about your preference of using Apache Haus rather than IIS.

I'm new on this world so any help will be much appreciated.  :D

Many thanks!

 7 
 on: April 22, 2021, 07:44:56 PM 
Started by EHCanadian83 - Last post by EHCanadian83
Thanks :)

 8 
 on: April 20, 2021, 06:54:40 PM 
Started by EHCanadian83 - Last post by Gregg
OK, I've uploaded new builds of the module and tested to make sure they download.
Thank you for reporting the issue  :)

 9 
 on: April 20, 2021, 07:46:01 AM 
Started by EHCanadian83 - Last post by Gregg
Looks like I'm going to have to rebuild them. I will do them tomorrow, check back in 24 hours. It's near bed time.

 10 
 on: April 19, 2021, 10:33:31 PM 
Started by EHCanadian83 - Last post by EHCanadian83
The VS15 mod_maxmind x86 and x64 are showing up but no zip.

Pages: [1] 2 3 ... 10