Running Apache in chroot jail

Ken Jordan ken.w.jordan at
Tue Oct 14 01:16:44 MDT 2014

You may want to look into Docker then if you're jailing everything.
Docker is pretty much AWESOME. It's designed to run applications in a
sandbox environment. Any command/daemon you can think of will probably
run inside a Docker container. I'm not great with it myself, but if
you take about 15 minutes and read the introductory docs you will see
this is what you're really looking for.

Ken Jordan
ken.w.jordan at

On Tue, Oct 14, 2014 at 1:09 AM, Dan Egli <ddavidegli at> wrote:
> Hey plug folks,
> I was wondering if anyone had any good URLs for how-to's or FAQs that
> explain how to run Apache in a chroot jail. I'm in process of going through
> my server configuration and moving everything possible into a chroot jail
> for the extra security. The way I figure it, if someone does manage to hack
> into my SMTP server, or my IMAP server, or something like that, then at
> worst they get access to whatever is in that location, but don't get access
> to anything critical. I'm guessing it reduces the likelihood of someone
> using my system as a jumping point for spam or other hacks.
> I've got the basic setup worked out for my mail servers and my DNS server.
> The only other open TCP port on this machine (besides 22 for ssh,
> obviously) is http/80. I know Apache has a module for running things in a
> chroot environment (mod_root?) but I've never used it, nor until just
> recently tried to migrate things to a chroot environment. So I'm looking
> for documents that show the process.
> Any suggestions are welcome. Basically I'm trying to minimize the exposure
> in case someone does try to hack me. :)
> --- Dan
> /*
> PLUG:, #utah on
> Unsubscribe:
> Don't fear the penguin.
> */

More information about the PLUG mailing list