Apache Server

irain

macrumors regular
Original poster
Aug 1, 2005
141
0
Hi, I'm trying to get my Apache server working on my iBook. I heard many people recommend not to do it because it's like a sure-fire way to become hacked easily. That's one question I have... How easy is it to be hacked? Also, it won't even set up for me. I don't know why. Is it because I have a DSL connection with a dynamic IP?
 

kwajo.com

macrumors 6502a
Jul 17, 2002
895
0
Bay of Fundy
hmmm, I'm not sure, I've had Apache server running on various machines for over 2 years now and no hacking has taken place, but I'm not sure, obviously you're opening your machine somewhat. I run the OS X firewall and a hardware firewall on my router, probably more peace of mind than actual protection, but it's worked out fine so far
 

OutThere

macrumors 603
Dec 19, 2002
5,730
0
NYC
Having Apache running on your computer, and the appropriate ports open on your firewall does theoretically make your computer more vulnerable, but in reality it's definitely not a "sure fire way to get hacked". As long as you take appropriate security measures, like having your firewall set up correctly and turning off things such as Server Signature your chances of getting hacked are quite slim. Apache is what powers a large portion of websites across the world, and if it in itself was that vulnerable websites would go down a lot.

Having a dynamic IP will greatly decrease your chances of getting hacked, as well, because it will change each time your modem gets reset, making your virtually un-findable for any would-be hackers. (Unless you use some sort of DynDNS service that is).
 

belvdr

macrumors 603
Aug 15, 2005
5,660
1,022
No longer logging into MR
OutThere said:
Having Apache running on your computer, and the appropriate ports open on your firewall does theoretically make your computer more vulnerable, but in reality it's definitely not a "sure fire way to get hacked". As long as you take appropriate security measures, like having your firewall set up correctly and turning off things such as Server Signature your chances of getting hacked are quite slim. Apache is what powers a large portion of websites across the world, and if it in itself was that vulnerable websites would go down a lot.

Having a dynamic IP will greatly decrease your chances of getting hacked, as well, because it will change each time your modem gets reset, making your virtually un-findable for any would-be hackers. (Unless you use some sort of DynDNS service that is).
I agree with some parts of what you stated. For starters, if you use Apple's supplied version of Apache (I'm not sure what they currently ship), then you are stuck with that version until they supply any patches for it.

As for ServerSignature, that's fairly useless, as that's considered security by obscurity. You can hide the server you are running, but there are still ways to figure out what server you have.

Also, having a dynamic IP may prevent an individual hacker, but does nothing for bots and worms. Most of the major worms scan entire subnets, so merely having an open port increases your vulnerability.