Hi, I don't have much experience with Apache/Tomcat servers. I have to perform some kind of security audit to these servers... What and where to begin ? What should I look for ? For the Apache server I supposed I should look in the httpd.conf e .htaccess files ? What to look for ?
Thanks in advanced ! Best Regards
