The Apache Haus Forum

Advanced search  

News:

Welcome to Apache Haus Distribution Forum

Pages: [1]   Go Down

Author Topic: What is the secure way to set up apache to route requests?  (Read 1542 times)

Rezoyen

  • Newbie
  • *
  • Offline Offline
  • Posts: 1
What is the secure way to set up apache to route requests?
« on: December 19, 2019, 12:20:07 PM »

If I were to setup several applications on an apache webserver what would be the most secure way to route requests and prevent file traversals? Is it through virtualhosts, permanent redirects, and a document root for each app?

As an example lets say I have example.com/app1 and then example.com/app2 and rather than dropping through a shared app you have to allow direct access to app1 and app2 separately and lock down their directories separately and route file traversing back to the central application file respective to either app1 or app2. I've heard .htaccess can do this but I don't like the idea of introducing an additional attack vector when it may be possible to get the same results in a more secure and cached form.

I'm reading through the documentation but they don't seem to take an opinionated approach - so feel free to point me to a topic in the official docs and I can followup on the reading.
« Last Edit: December 19, 2019, 03:03:25 PM by mario »
Logged

mario

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 597
Re: What is the secure way to set up apache to route requests?
« Reply #1 on: December 19, 2019, 03:04:17 PM »

Sure a vhost for each application would do a good job. If you have the time, you may set up mod_security.
Logged
Pages: [1]   Go Up
 

Sitemap 1 2 3 4 5 6 7 8 9 10 11 12 13