Extend the potential of lunar with Web server
Barnoux opened this issue · 4 comments
I really like the work you do with Lunar about hardenning UNIX systems.
I saw that you did something with docker and it’s very cool.
Do you think you can do something with web server like Apache ?
Not sure what you're after. If you mean support for auditing apache. There is some support.
./lunar.sh -S |grep apache
audit_apache
I did look at the CIS benchmarks, but they were quite out of date.
There's no doubt more that can be done, but I'd need a good benchmark/standard as a basis.
Alright thank for your answer didn't see that there is some support for apache. For the record, i just want to follow some best security pratice. Because i want to work with apache (as a web server) in the future. And i saw that CIS published a benchmark for apache.
But i don't understand your sentence :
I'd need a good benchmark/standard as a basis.
IMO the CIS Benchmark is a good technical standard to hardening a technology (when you are a beginner and you don't know where to start).
What make you think that the CIS benchmark for apache could be better ?
CIS Apache HTTP Server 2.4 Benchmark v1.5.0 - 06-12-2019 => execpt that the cis benchamark was out of date.
As you said no doubt that more can be done but i wanted to ask.
I hadn't noticed the CIS Apache benchmarks had been updated in December 2019, I'll take a look. The previous ones I had were from 2014/2015.
I've added a bit more Apache support. There was some stuff that I could add quickly. More support will have to wait until I've got some more spare time.