Home arrow Apache arrow Page 2 - Putting Apache in Jail

Finishing touches for Apache jail preparation - Apache

In this conclusion to a six-part series on Apache configuration and installation, you will learn how to use chroot to put Apache in jail, how to prepare PHP to work in jail, and more. This article is excerpted from chapter two of Apache Security, written by Ivan Ristic (O'Reilly; ISBN: 0596007248). Copyright 2006 O'Reilly Media, Inc. All rights reserved. Used with permission from the publisher. Available from booksellers or direct from O'Reilly Media.

  1. Putting Apache in Jail
  2. Finishing touches for Apache jail preparation
  3. Preparing PHP to work in jail
  4. Taking care of small jail problems
  5. Using mod_security or mod_chroot
By: O'Reilly Media
Rating: starstarstarstarstar / 2
January 31, 2008

print this article



The walls of the jail are now up. Though the following files are not necessary, experience shows that many scripts require them. Add them now to avoid having to debug mysterious problems later.

Construct special devices after using ls to examine the existing /dev folder to learn what numbers should be used:

  # mkdir /chroot/apache/dev
  # mknod -m 666 /chroot/apache/dev/null c 1 3
  # mknod -m 666 /chroot/apache/dev/zero c 1 5
  # mknod -m 644 /chroot/apache/dev/random c 1 8

Then, add a temporary folder:

  # mkdir /chroot/apache/tmp
  # chmod +t /chroot/apache/tmp
  # chmod 777 /chroot/apache/tmp

Finally, configure the time zone and the locale (we could have copied the whole /usr/ share/locale folder but we will not because of its size):

  # cp /usr/share/zoneinfo/MET /chroot/apache/
# mkdir
-p /chroot/apache/usr/lib/locale
# set | grep LANG
cp -dpR /usr/lib/locale/en_US.utf8 /chroot/ apache/usr/lib/locale  

>>> More Apache Articles          >>> More By O'Reilly Media

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Apache Unveils Cassandra 1.2
- Apache on ARM Chips? Dell and Calxeda Help M...
- The Down Side of Open Source Software
- VMware Unveils Serengeti for Apache Hadoop
- SAP Takes Steps to Improve Hadoop Integration
- Looking to Hone Apache Hadoop Skills?
- How to Install Joomla on WAMPP
- Working with XAMPP and Wordpress
- GUI Available for Apache Camel
- Reduce Server Load for Apache and PHP Websit...
- Creating a VAMP (Vista, Apache, MySQL, PHP) ...
- Putting Apache in Jail
- Containing Intrusions in Apache
- Server Limits for Apache Security
- Setting Permissions in Apache

Developer Shed Affiliates


Dev Shed Tutorial Topics: