How to set up Apache Web server access control

If you're hoping to allow or deny Apache Web server access based on IP address, check out this expert response from Randall Gamby.

Randall Gamby, HP

I'm in the process of configuring Apache Web server access control to restrict access based on the host address of the box requesting access. Can you offer any best practices on how I should go about this?

I recommend that you follow the steps outlined below from the Apache website to learn how to set up Apache Web server access control:

Basically, the instructions call for setting up a "black list," or "restricted from access" set of rules. While this will work, keep in mind that the issue with black lists is they tend to become outdated as new threats emerge. While this is one way to restrict access, another more secure way is to use a Web access management (WAM) product in front of the Apache server. This allows access to be managed based on a "white list," or only those users authorized to access the Web server. A WAM can provide single sign-on, while also having less of an impact on your security infrastructure, since access is granted as needed, instead of denied as needed.

A WAM can also provide access to multiple Apache servers from a single domain, reducing administrative costs. Since the Apache Web server is most likely Internet facing, front-ending it with a WAM will reduce your risk of attack, since the WAM provides more powerful authentication and control tools.

This was last published in June 2010

Dig Deeper on Web authentication and access control

Related Q&A from Randall Gamby

How has enterprise SSO technology evolved?

Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses. Continue Reading

The FIDO authentication framework: What do enterprises need to know?

Enterprises need a full understanding of the FIDO authentication framework before switching to its technology. Expert Randall Gamby looks at the most... Continue Reading

Which is safer: an HSM appliance or a virtual appliance?

A self-managed HSM appliance may be the safer external key management system to use with your organization's encryption keys. Here's why. Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

Google Cloud security gets boost with Secret Manager

Google Cloud's new Secret Manager service augments its cloud security capabilities with an eye toward the needs of DevOps teams.

Microsoft misconfiguration exposed 250M customer service records

Microsoft exposed 250 million customer support records on five Elasticsearch servers that had misconfigured Azure security rules,...

Lyft's open source asset tracking tool simplifies security

Security teams need information and context about data in order to keep it safe. Learn how Cartography, Lyft's open source asset ...

SearchNetworking

Build a source of truth into your network automation strategy

Many network automation approaches rely on a source of truth repository to provide data on network behavior. But building this ...

SD-WAN explained: The ultimate guide to SD-WAN architecture

Evaluating SD-WAN architecture can be confusing, especially as the market grows. This guide helps IT pros learn SD-WAN basics, ...

VMware acquisition of Nyansa combines LAN, WAN analytics

The VMware acquisition of Nyansa is expected to provide network traffic analytics that cover the SD-WAN and the wired and ...

SearchCIO

Preparing for the new forms of cybersecurity threats in 2020

In the first part of a series on the new forms of cyberthreats in 2020, we're diving into the many infiltration points being ...

What is the state of CIO tenure today?

CIO tenure remains significantly lower than other C-suite positions, and according to experts, it's a result of the age of ...

The evolution of RPA, from macros to process transformation

RPA evolved from technology debuted in the 1950s and '60s and was developed to today's standards by the industry's leading ...

SearchEnterpriseDesktop

Windows 7 sunset gives PC market a boost in 2019

Does the growth of the PC market in 2019 reflect an increased appetite for the devices? Experts discuss the PC's role in the ...

EG Enterprise v7 focuses on usability, user experience monitoring

New features in EG Enterprise v7, set to launch soon, enable simulated and real user monitoring, automated diagnosis and new ...

Managing Windows Defender Device Guard in Windows desktops

IT pros must understand how Windows Defender Device Guard uses a locked-down approach to desktop security and how this method ...

SearchCloudComputing

5 cloud database comparison tips to guide your data strategy

Catch up on these tips that compare the strengths, weakness and available integrations of popular public cloud database and ...

Reduce cloud latency for remote employees and offices

Latency remains an issue for cloud users with remote facilities. See how SD-WAN and satellites can improve network performance ...

AWS multi-account management best practices with Control Tower

With the help of AWS Control Tower, organizations who own and operate multiple cloud accounts can manage them all under one roof ...

ComputerWeekly.com

Police sent information about potential Fujitsu staff perjury in subpostmaster prosecutions

The police have been asked to consider information from a High Court judge questioning evidence given by Fujitsu staff in ...

NHSX reports progress in screening transformation

Digital unit outlines work that has been done to address the shortcomings of screening IT programmes

RAN sharing and convergence juice up Orange for 2020

Telco Orange’s roadmap for Europe in 2020 reveals the power of convergence and the need for ecosystem partnerships

How to set up Apache Web server access control

If you're hoping to allow or deny Apache Web server access based on IP address, check out this expert response from Randall Gamby.

Dig Deeper on Web authentication and access control

How does Amazon WAM manage WorkSpaces apps?

Amazon WorkSpaces

Amazon WorkSpaces adds simpler app delivery, management

Unlock Windows Azure development in Visual Studio 2013 Preview

Related Q&A from Randall Gamby

How has enterprise SSO technology evolved?

The FIDO authentication framework: What do enterprises need to know?

Which is safer: an HSM appliance or a virtual appliance?

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

Google Cloud security gets boost with Secret Manager

Microsoft misconfiguration exposed 250M customer service records

Lyft's open source asset tracking tool simplifies security

SearchNetworking

Build a source of truth into your network automation strategy

SD-WAN explained: The ultimate guide to SD-WAN architecture

VMware acquisition of Nyansa combines LAN, WAN analytics

SearchCIO

Preparing for the new forms of cybersecurity threats in 2020

What is the state of CIO tenure today?

The evolution of RPA, from macros to process transformation

SearchEnterpriseDesktop

Windows 7 sunset gives PC market a boost in 2019

EG Enterprise v7 focuses on usability, user experience monitoring

Managing Windows Defender Device Guard in Windows desktops

SearchCloudComputing

5 cloud database comparison tips to guide your data strategy

Reduce cloud latency for remote employees and offices

AWS multi-account management best practices with Control Tower

ComputerWeekly.com

Police sent information about potential Fujitsu staff perjury in subpostmaster prosecutions

NHSX reports progress in screening transformation

RAN sharing and convergence juice up Orange for 2020

Dig Deeper on Web authentication and access control

How does Amazon WAM manage WorkSpaces apps?

Amazon WorkSpaces

Amazon WorkSpaces adds simpler app delivery, management

Unlock Windows Azure development in Visual Studio 2013 Preview

Related Q&A from Randall Gamby

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.