Apache configuration

Configuring Apache properly is essential for website security. Generally, pre-packaged webserver software (e.g. Bitnami instances) are not designed to have every security measure enabled, as some measures need to be carefully decided by the server administrator to prevent e.g. blocking access to legitimate pages.

There are several important things to be aware of when configuring Apache on your webservers.

Content Security Policy

The policy of all.

The AllowOverride and Indexes Directives

Security issues, performance issues.

Files directives

Some files never needed by users.