Skip to main content

LAMP Security Configuration (14 Nov)

When: 14-Nov-2019 09:00 AM

 

Trainers:  Professionals from ESI CEE’s Cyber Resilience Lab (CyResLab), partner of Software Engineering Institute, Carnegie Mellon University.

 

LAMP Security Configuration

The LAMP (Linux, Apache, MySQL and PHP) web service stack is one of the most popular choices for developing and deploying web applications. Due to the rich set of features and the complexity of this bundle, special attention must be paid to its security configuration.

 

The purpose of this course is to provide an in-depth analysis of Web security mechanisms within the context of the extremely popular LAMP server-side stack.

 

The goal of this course is to present common and/or important security configuration options for the LAMP stack that are instrumental during deployment, as well as to present the security model of the software stack and the standard tools for managing its security.

 

The course includes free access to an interactive online exercise environment for one week, following the course’s completion.

 

Note: The course is also available in a DevOps and Continuous Deployment-oriented version, in which participants automate deployment exercises instead of simply configuring a single LAMP instance.

 

Course agenda:

  • Linux Security Configuration:
    • Linux Security Model & SELinux
    • Host hardening
  • Apache Security Configuration
    • HTTP Security Headers
    • Apache Configuration Files & .htaccess
  • MySQL Security Configuration
    • Data Encryption
    • Secure Client-Server Communication
  • PHP Security Configuration – Important Settings

 

Ideal for: DevOps professionals, System administrators, Full-stack developers with operations experience.

 

Prerequisites: Web technologies knowledge (HTTP, TCP, etc.), system administration knowledge (LAMP).

 

Participants should bring a laptop/notebook with a 64-bit OS and virtualization enabled (VT-x), as well as a VirtualBox installation.

Note: For the DevOps/Continuous Deployment flavor of the course, a Vagrant installation is also required.

 

Certificate: Upon successful completion of the course, attendees will receive a certificate from ESI CEE.