**面是一些要检查的安全设置: **
SSL :
在 httpd.conf 中打开 SSL
Port 80
Listen 80
Listen 443
SSLSessionCache dbm:/usr/local/apache/ logs/ssl_scache
SSLSessionCacheTimeout 1200
For increased performance use "SSLMutex sem" instead of the line below
SSLMutex file:/usr/local/apache/logs/ssl_mutex
SSLLog /usr/local/apache/logs/ssl_engine_log
change the log level default from "info" to "warn"
SSLLogLevel warn
SSLOptions +OptRenegotiate
**_ 打开虚拟主机的 SSL 支持: _ **
Within the ...
SSLEngine on
Replace with certificate file name
SSLCertificateFile /usr/local/apache/conf/ssl.
cert/
Replace with key file name
SSLKeyFile /usr/local/apache/conf/ssl.key/
SSLVerifyClient none
定制 SSL 的 LOG 格式:
LogFormat clfa "%h %l %u %t "%r" %>s %b\ %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%{SSL_CLIENT_S_DN_CN}x""
CustomLog /usr/local/apache/logs/access_log clfa
**_ 被保护的目录: _ **
SSLCipherSuite HIGH: MEDIUM
AuthType Digest
AuthName "Beta code testing"
AuthDigestDomain /test/ http://test.my.dom/beta/
AuthDigestFile /usr/local/apache/conf/
digest_pw
Require valid-user