Howdy,
I has always been anal about security...
:0
Just came across several good rulesets for securing web server with
mod_security plugin for apache:
1) http://www.gotroot.com/tiki-index.php?page=mod_security+rules
2) http://www.linuxtechs.net/mod_security
...which triggered some of my previous thoughts:
There has always been a certain lack of out-of-the-box toolset aiming at
Hosting Server overall protection.
Which we overcome partially by hacking configs and adding security
awareness, such as anti-DoS in sendmail.mc, installing 3rd party firewalls
etc.
Most of these hacks are done individually, i.e. every each of us does it
him/herself for his/her servers.
We could bring this topic here as a common task to build security templates
for BQ, for every app that could be tuned this way.
Then devs could revise them and submit to repo and distro, as a default.
3rd party firewalls added, this could make BQ one of most secure Hosting
platforms, which is a big deal.
Please your opinions!
Best,
--
Arthur Sherman
+972-52-4878851
http://www.cpt.co.il/