[imp] Security hardening Horde/Imp...
Tom Lisjac
netdxr at gmail.com
Sun Mar 20 11:33:27 PST 2005
We've been discussing the possibility of opening our internal
Horde/Imp system to the internet so our users could access their mail,
calendars... etc from home. Although this scares me a little, I think
the benefits would be worth the effort.
I've already done the security hardening steps from this page:
http://www.horde.org/horde/docs/?f=SECURITY.html
We have a good firewall in place and I'm forcing https to access the
system. Perhaps this is paranoid but I'm also requiring a basic
authentication step for outside access before allowing the user to
login to Imp.
Can anyone recommend additional steps to further harden Apache/mod_ssl
and Horde/Imp? I'd like to reduce the number of Apache modules that
are configured by default in Fedora 3... but I'm not sure which ones
are required to support the Horde framework.
Thanks,
-Tom
More information about the imp
mailing list