|
The number of different Apache configurations within AcIS has made the
maintenance of these services extremely difficult. This increases the
amount of time required to restore service during unplanned outages,
and also increases the vulnerability to security exploits. This also
increases the complexity of deploying new servers.
Correcting this situation is extremely complex, and will require
coordinated effort among all AcIS technical groups. Cleanup is not
one big project, but is instead several interrelated projects:
- Secure Apache 1 Modernization.
- Web Authentication Modernization. See
this document for details.
- Apache 1 Standardization. The non-secure web servers are
running several different configurations, with different builds
and different software layouts. These must be standardized.
- Apache 2. A testing and transition path for apache 2 must
be identified.
- Server Consolidation. The practicality and logistics of
running fewer web servers by consolidation must be investigated.
The above list is roughly in priority order.
|
