Best practices securing HTTP/HTTPS


Update software and apply security fixes

The Apache HTTP Server has a good record for security and a developer community highly concerned about security issues. But it is inevitable that some problems will be discovered in software after it is released. For this reason, it is crucial to keep aware of updates to the software. 

Of course, most times that a web server is compromised, it is not because of problems in the HTTP Server code. Rather, it comes from problems in add-on code, CGI scripts, or the underlying Operating System. You must therefore stay aware of problems and updates with all the software on your system.

Apache from SCO comes configured with security in mind, but there are a few common mistakes that can be made when changing the configuration file.