Crucial reference for Apache web server admins

From my perspective: As a Linux / BSD sysadmin (but Apache httpd novice), I purchased this book a few months ago in hopes of supplementing my Apache learning. I wanted to learn the "right" (i.e. secure) way of configuring our Apache deployments from the start.

Along with the Apache project's official directive / module references, this book helped provide a great foundation for understanding how to configure and harden Apache. The most useful things I took away from Apache Security were:

* creating a cruft-free, secure by default httpd.conf;
* hardening PHP;
* getting more from httpd logging; and
* really, finally understanding SSL/TLS (and keys and certs).

There is a lot of information in the book, so I'll likely be reading it cover-to-cover at least once more to glean the next round of tips and concepts.

Other Reviews

• The one!
• A good reference, but a tad dated now.
• A very easy read, on what could have been a dry topic
• Crucial reference for Apache web server admins
• Much more than just Apache Security