Secure Your Apache Struts with Selinux

Share it:
Recently we have seen there are critical security bug that have been disclosed in Apache Struts. 
Moreover, another worst data breach has been took place by exploiting Apache Struts vulnerability. 

Here  a researcher Kevin Beaumont, have just got a simple way to hardening the security of Apache server and also make all the above Struts exploit useless.

On the blog post he mentioned that just by implementing Selinux will make all work done, and solve all the issues. Hope you all know to deploy Selinux, if you not just Google it.

"SELinux is 19 years old and installed with Redhat and Fedora Linux, it just needs setting to enforcement mode. Considering — say — Experian spend big money on Splunk, Thycotic, Qualys and Sailpoint on their Struts servers, they might want to enable this free, two decade old feature" - says Kevin on post.
You can also make changes to Selinux policies to lock down it further. You can read a guide on configuring Selinux policies.

So guys you can also try this simple and easy trick to hardening your Apache server.
Share it:

Apache

Learn

Linux

Security

Post A Comment:

0 comments:

Follow by Email