httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pete Houston <...@openstrike.co.uk>
Subject Re: [users@httpd] Is there any way to encrypt/obfuscate apache conf files
Date Fri, 09 Nov 2012 17:25:27 GMT
Hello Sudip,

On Fri, Nov 09, 2012 at 01:51:53PM +0530, Bhattacharya, Sudip wrote:
> Is there any way to obfuscate/encrypt conf files in Apache?

I'm not aware of a direct method. Perhaps mod_macro could be used for
obfuscation.

> I have put my configuration entries in a separate config file, and am including it in
the main httpd.conf file.
> 
> My requirement is to encrypt/obfuscate only my custom conf file.

I'm sure you have your reasons for this, but it sounds like asking for
trouble. If you just want to stop users reading the file because it
contains sensitive info (like database passwords, maybe?) then perhaps
just a simple

	chown root custom.conf
	chmod 0600 custom.conf

would suffice? You would need to be starting apache as root in order to
bind to the low port numbers anyway and this means that only your custom
file is unreadable by others - httpd.conf could still be read by anyone.

HTH,

Pete
-- 
Openstrike - improving business through open source
http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107

Mime
View raw message