Customer Rating: 
Summary: Relevant even for application developers
Comment: I am not a server admin, but a web applications developer, so my opinion on this book has a very specific bias. I really enjoyed it, especially because similar material available on-line is usually scattered across a multitude of different sources. Most content is interesting even for application developers and I especially liked the chapters covering different security related modules.
The chapter on automation, being totally based around Bash scripts was almost useless to me (but then, again, I am biased). The book is 100% Unix centric, it's somewhat of a shame, especially since Apache 2 on Windows is a viable option, but it's a choice I can understand
Customer Rating:
Summary: Accumulation of Apache security knowledge in one book
Comment: Apache is still by far the most common web server on the Internet. However, when the purpose of your computer is to allow access to your webpages by anyone on the Internet security needs to be a primary concern. If you are serious about hardening your Apache server you will want to have this book. Author Tony Mobily examines Apache security in detail all the way from making sure the initial installation package has not been hacked at the primary web server site through configuration and installation of security modules. The book has seven chapters that cover configuration, common attacks, logging, scripting attacks, security modules, using a jail, and automating security with scripts. While the book does cover Apache on the various operating systems the focus is on a Linux install, which is appropriate since that is the most common place to install Apache. This is not a book that I would suggest for someone who is totally new to Apache or Linux, but if you have a passing familiarity with them then you will find this to be the missing information from other Apache books. No matter which Apache book you get to learn Apache, your library will be incomplete if it doesn't include "Hardening Apache".
Customer Rating: 
Summary: Valid for several years
Comment: It's quite rare that I get to review a book by a fellow Sandgroper (ie. person from Western Australia). The last time was for "Man Kzin Wars X" by Larry Niven and Hal Colepatch, with Colepatch being from WA. So what is there to say about this book? Well, Mobily has brought under one cover various methods to strengthen Apache against incursions. There are several excellent books on computer security, but as a rule, they tend to survey the entire field. So if they mention Apache, space considerations if nothing else preclude extensive coverage. Here Mobily has made that a non issue. Why Apache? It is probably the most common web server in use, edging out all proprietary rivals. Linux boxes run it by default. But it has also been ported to every other major operating system. So certainly Mobily has chosen a vital application to support. How useful is this book? If you are a systems administrator and have been managing Apache for several years, you probably already know, or should know, the bulk of this book. But a lot of your Apache security experience may have been garnered in bits and pieces over this period, using information from disparate sources. Suppose instead you are installing it for the first time. The actual installation should be trivial. It is the multiple security issues that you have to get right. Which is this book's virtue. It centralises the issues into an easily accessible form. PLus it is not dependent on the latest version of Apache. Barring a fundamental rewrite, which is unlikely because it is stable and well tested, Mobily's suggestions should stay fresh for several years.
|
|
