Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 61C1F9CBC for ; Fri, 3 Feb 2012 18:22:53 +0000 (UTC) Received: (qmail 83705 invoked by uid 500); 3 Feb 2012 18:22:50 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 83555 invoked by uid 500); 3 Feb 2012 18:22:49 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 83547 invoked by uid 99); 3 Feb 2012 18:22:48 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 03 Feb 2012 18:22:48 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of silviu.andrica@gmail.com designates 74.125.82.41 as permitted sender) Received: from [74.125.82.41] (HELO mail-ww0-f41.google.com) (74.125.82.41) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 03 Feb 2012 18:22:39 +0000 Received: by wgbdt11 with SMTP id dt11so1586469wgb.0 for ; Fri, 03 Feb 2012 10:22:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=from:content-type:content-transfer-encoding:subject:date:message-id :to:mime-version:x-mailer; bh=WVpC33x91So51AIStNqgyqt+Zdm/K2yO3EKTdEvpdTU=; b=qPvBZOp1a5S8qzmvw/YTa72SRmPm0hRH4raqZ8AiuJHKFEZ4L27ro6AWE1OG+ou5gq dLISeSUTSe+aFGQalK6Xqjoy9cWfcQnFw9bpt1X58yKox+GztwbleOBpZunCqIO1FqX1 eoVaHHokt3huEcB8PJJM4V854RpSpuW4m9wMU= Received: by 10.180.107.34 with SMTP id gz2mr13144367wib.21.1328293339817; Fri, 03 Feb 2012 10:22:19 -0800 (PST) Received: from tsf-wpa-3-7168.epfl.ch (tsf-wpa-3-7168.epfl.ch. [128.178.239.168]) by mx.google.com with ESMTPS id eq5sm19806273wib.2.2012.02.03.10.22.18 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 03 Feb 2012 10:22:18 -0800 (PST) From: Silviu Andrica Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Date: Fri, 3 Feb 2012 19:22:17 +0100 Message-Id: <9AD67740-03C2-4C51-9140-4981F0E0E401@gmail.com> To: users@httpd.apache.org Mime-Version: 1.0 (Apple Message framework v1257) X-Mailer: Apple Mail (2.1257) X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Configuration file effects on security Hi, I was wondering if you know any tool that checks how secure an Apache = configuration is. I know about Nikto and W3AF, but those tools are = targeted at web applications. I'm more interested in tools that target = web servers. Also, can you recommend some Apache configurations / setups = where Nikto and W3AF are effective? Thanks a lot, Silviu= --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org