Add more security to Apache

kyrofa / owncloud-snap

ownCloud packaged as a .snap for Ubuntu Core.

GNU General Public License v3.0

11 stars 4 forks source link

Add more security to Apache #59

Open danielholm opened 8 years ago

danielholm commented 8 years ago

Maybe ModSecurity[1] and/or fail2ban[2]?

Of course this would add more dependencies that has to be packaged with the snap, but I think it's very much worth it.

1: https://github.com/SpiderLabs/ModSecurity 2: https://www.techandme.se/fail2ban-owncloud/

oparoz commented 8 years ago

I agree, but the problem is that this snap is supposed to run on different types of hardware and some may not be able to run mod_security that well. Maybe we can include the module without loading it.

fail2ban would be difficult to implement without also including a firewall. An ownCloud app would probably work better for now.

kyrofa commented 8 years ago

Indeed, fail2ban is probably better suited to being its own snap, as it'll have a number of difficulties to overcome. Such a thing could be included in the owncloud-pi image though, once it exists.

oparoz commented 8 years ago

https://github.com/owncloud/pi-image/issues/37