Hello all,

I'm trying to secure my Apache (Windows) Server from the eventual security leak or compromise, and I figure that allowing Apache to run only as a user of its own, with a limited set of privileges would be a good way to start.

I have created an appropriate account under the Local Users and Groups snap-in in mmc.exe, and the account is under the group "Users". However, my apache service will not start, and the errors (if there are any), are not logged in apache_log.log. The service, of course, starts perfectly fine if I place the user under Administrators... but that's just as bad as if the service ran as the local system account.

There are probably some rights/policies that I need to set to get Apache working, but for the life of me, I can't think of any! Does anybody have suggestions?

I have the same problem with the SQL Server.

Edit: Solved my problem:
Apache -> http://httpd.apache.org/docs/2.0/platform/windows.html, AND
MySQL -> http://dev.mysql.com/tech-resources/articles/securing_mysql_windows.html