[Owncloud] OC on apache with hardened security?

Arman Khalatyan arm2arm at gmail.com
Thu Feb 7 19:09:25 UTC 2013


Thanks, Daniel.
Where Should I put HA+OC on CentOS?
I have already some documentation in latex, easy to integrate to OC
documentation in which section should I add?

Arman.


On Tue, Feb 5, 2013 at 11:15 PM, Daniel Molkentin <danimo at owncloud.com> wrote:
> Hi,
>
>
> On 02/05/2013 10:48 PM, Arman Khalatyan wrote:
>
> Hi,
> Are there some general suggestions on hardening  the apache sever with OC?
> I will suggest to put somewhere on main OC documentation some general
> suggestion on hardware and installation setup.
>
> Only to the extend documented in http://doc.owncloud.org/.
>
>
> For example I use HA-CentOS with drbd on 2 nodes with corosync.
>
> Interesting setup. Maybe also worth sharing.
>
> Please give your hints here, so for starting there some of mine hints:
> 0) use HTTPS instead of HTTP
> in virtual host config:
> 1) ServerSignature Off
> 2) ServerTokens Prod
> 3) TraceEnable off
> 4) Disable WebDAV(OC has own-sabredav ) and remove all other unused
> apache modules.
> 5)mod_security
>
> Yes, a chapter on general security with apache is sorely needed.
>
> You can contribute your knowledge by adding documentation to the ownCloud
> doc repository at https://github.com/owncloud/documentation/tree/stable45.
> Contribution guidelines:
> https://github.com/owncloud/documentation/blob/master/CONTRIBUTING.rst. Much
> appreciated!
>
> --
> www.owncloud.com - Your Data, Your Cloud, Your Way!
>
> ownCloud GmbH, GF: Markus Rex, Holger Dyroff
> Schloßäckerstrasse 26a, 90443 Nürnberg, HRB 28050 (AG Nürnberg)



More information about the Owncloud mailing list