Apache Security

• Apache Security
• O'Reilly
• 0596007248

Order (or just read more about) Apache Security  from Amazon.com

More Books

I rather hoped this was better than it is. Don't get me wrong, it's not bad, and it's probably worth having, but it could have been a lot better.

First complaint: the index is lousy. Several times I wanted to go back and review something that I had read about in an earlier chapter, but was unable to find what I wanted with the index and had to resort to flipping through pages. Second, some of the material just is not explained well: if you are not already quite expert at Apache, you will find parts of this very confusing. Of course, that's a bit unfair: you really can't expect a book dedicated to Apache security to spend a lot of time explaining basics. But even given that, there were several places were I felt awash and couldn't understand what was being discussed. I also felt that the author gave short shrift to those folks who may not be able to compile from source (people on shared web servers may be able to modify their httpd.conf but not much else)

On the other hand, this is pretty fair coverage of all Apache security aspects and gives quite a bit of attention to sharing from the viewpoint of the admin who provides web hosting for others. But as I said, it's only fair coverage, and you will likely find yourself Googling for more information on much of what is presented. That's not necessarily a condemnation: if the author even attempted complete, detailed coverage, this would make the big Sendmail book look thin by comparison. Probably we should look at this as an overview; something to raise our awareness of possibilities and concerns, something more detailed than http://httpd.apache.org/docs-2.0/misc/security_tips.html.

By the way, Ivan is the author of the Apache mod_security module, and he devotes twenty six pages to explaining how to use that module. The problem here is not lack of knowledge, just lack of space. As I read this over, I feel like I'm leaving the impression that this isn't worthwhile, and that is not what I want to leave you with. It could have been better, and most especially it could have been longer and better indexed, but it is worthwhile. And parts of it are really excellent: Chapter 4, which deals with SSL and TLS is one of the best treatments I've ever read on this subject.

Take Control of Maintaining Your Mac

Take Control of Syncing Data in Leopard

Take Control of Upgrading to Snow Leopard

Macworld Total Snow Leopard Superguide

Jump to Comments

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.