Bringing Hash Functions to Apache

Bringing Hash Functions to Apache

Some days ago I've started thinking if there would be a way of implementing the concept of "unautherize file modification awareness" into apache, via apache modules.

The main objective of implementing this concept is to give the ability of distinguish of a good page, from a modified (normally defaced) page to apache. If the defaces stopped showing, maybe the kiddies would stop doing them (or not).

The request process would be something like this:

1. client request page X.
   
2. see if page X was modified or not.
   
3. if it's modified, issue an error, for example a 504 Server Temporary Unavailable, otherwise move to 4.
   
4. just let the request continue.
   

And how could we see if the files were modified? The answer is, using an Hash Function.

For each file that should be protected an hash would be generated, and then stored in a configuration file where every pair (file,hash) was present.

Having this configuration file, a new problem arises, how can we secure it, in order to prevent an attacker from changing it? Once again, the answer relies in cryptography, using Asymetric Cryptography.

The sysadmin would generate an asymmetric key, the apache server would know the public key, and the configuration file with the hashes would be encrypted with the sysadmin secret key, in other words the configuration file would be signed by the sysadmin, so nobody can actually change it! Doing this, we have secured the configuration file.

Although, there are always attack vectores, if it's a more "experienced" attacker and actually gained root in the host, he can just turn off the support for this module in httpd.conf. But there is no system 100% secure, so there are always security problems somewhere.

So, does anyone think it's a good idea? Or it's just smoke and mirrors?