Apache Mod_Rewrite Tutorial Pdf
Apache Web Server Security and Hardening Tips

We are all very familiar with the Apache web server; it is a very popular web server for hosting your web files or your website on the web. Here are some links which can help you to configure the Apache web server on your Linux box.

- Install Apache Web Server
- Setup Your Website in Your Linux Box

In this tutorial, I'll cover some main tips to secure your web server. Before you apply these changes to your web server, you should know some basics of the Apache server.

- Document root directory: /var/www/html or /var/www
- Main configuration file: /etc/httpd/conf/httpd.conf (RHEL/CentOS/Fedora) and /etc/apache2/apache2.conf (Debian/Ubuntu)
- Default HTTP port: 80/TCP
- Default HTTPS port: 443/TCP
- Test your configuration file settings and syntax: httpd -t
- Access log files of the web server: /var/log/httpd/access_log
- Error log files of the web server: /var/log/httpd/error_log

How to hide Apache Version and OS Identity from Errors

When you install Apache from source or with a package installer like yum, it displays the version of the Apache web server installed on your server, together with the operating system name of your server, in error pages. It also shows information about the Apache modules installed on your server.

(Figure: Show Apache Version)

In the picture above, you can see that Apache is showing its version along with the OS installed on your server. This can be a major security threat to your web server as well as your Linux box.
To prevent Apache from displaying this information to the world, we need to make some changes in the main Apache configuration file. Open the configuration file with the vim editor and search for ServerSignature; it is On by default. We need to turn the server signature Off, and the second line, ServerTokens Prod, tells Apache to return only Apache as the product in the server response header on every page request. It suppresses the OS, major and minor version info.

    vim /etc/httpd/conf/httpd.conf      # RHEL/CentOS/Fedora
    vim /etc/apache2/apache2.conf       # Debian/Ubuntu

    ServerSignature Off
    ServerTokens Prod

    service httpd restart               # RHEL/CentOS/Fedora
    service apache2 restart             # Debian/Ubuntu

(Figure: Hide Apache Version)

Disable Directory Listing

By default Apache lists all the content of the document root directory in the absence of an index file.

(Figure: Apache Directory Listing)

We can turn off directory listing by using the Options directive in the configuration file for a specific directory. For that we need to make an entry in httpd.conf.

    <Directory /var/www/html>
        Options -Indexes
    </Directory>

(Figure: Hide Apache Directory Listing)

Keep updating Apache Regularly

The Apache developer community is continuously working on security issues and releasing updated versions with new security options. So it is always recommended to use the latest version of Apache as your web server. To check the Apache version, you can use the httpd -v command.

    httpd -v
    Server version: Apache/2. (Unix)
    Server built:   Aug 1.

You can update your version with the following command.
It is also recommended to keep your kernel and OS updated to the latest stable releases, if you are not running any specific application which works only on a specific OS or kernel.

Disable Unnecessary Modules

It's always good to minimize the chances of being a victim of any web attack. So it's recommended to disable all those modules that are not currently in use. You can list all the compiled modules of the web server using the following command.

    grep LoadModule /etc/httpd/conf/httpd.conf

    # LoadModule lines at this location so the
    # LoadModule foo_module modules/mod_foo.so
    LoadModule auth_basic_module modules/mod_auth_basic.so
    LoadModule auth_digest_module modules/mod_auth_digest.so
    LoadModule authn_file_module modules/mod_authn_file.so
    LoadModule authn_alias_module modules/mod_authn_alias.so
    LoadModule authn_anon_module modules/mod_authn_anon.so
    LoadModule authn_dbm_module modules/mod_authn_dbm.so
    LoadModule authn_default_module modules/mod_authn_default.so
    LoadModule authz_host_module modules/mod_authz_host.so
    LoadModule authz_user_module modules/mod_authz_user.so
    LoadModule authz_owner_module modules/mod_authz_owner.so
    LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
    LoadModule authz_dbm_module modules/mod_authz_dbm.so
    LoadModule authz_default_module modules/mod_authz_default.so
    LoadModule ldap_module modules/mod_ldap.so
    LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
    LoadModule include_module modules/mod_include.so
    LoadModule log_config_module modules/mod_log_config.so
    LoadModule logio_module modules/mod_logio.so
    LoadModule env_module modules/mod_env.so
    LoadModule ext_filter_module modules/mod_ext_filter.so

Above is the list of modules that are enabled by default but often not needed: mod_imap, mod_include, mod_info, mod_userdir, mod_autoindex. To disable a particular module, you can insert a # at the beginning of that line and restart the service.

Run Apache as separate User and Group

With a default installation, Apache runs its process with user nobody or daemon.
For security reasons it is recommended to run Apache in its own non-privileged account. For example: http-web.

Create Apache User and Group:

    groupadd http-web

Now you need to tell Apache to run with this new user, and to do so we need to make an entry in /etc/httpd/conf/httpd.conf. Open /etc/httpd/conf/httpd.conf and search for User and Group; there you will need to specify the username and group name to use.

    User http-web
    Group http-web

Use Allow and Deny to Restrict access to Directories

We can restrict access to directories with the Allow and Deny options in httpd.conf. In this example, we'll be securing the root directory by setting the following in httpd.conf.

    <Directory />
        Options None
        Order deny,allow
        Deny from all
    </Directory>

- Options None: This option will not allow users to enable any optional features.
- Order deny,allow: This is the order in which the Deny and Allow directives will be processed. Here it will deny first and allow next.
- Deny from all: This will deny requests from everybody to the root directory; nobody will be able to access the root directory.

Use mod_security and mod_evasive Modules to Secure Apache

These two modules, mod_security and mod_evasive, are very popular Apache modules in terms of security.

Mod_security

mod_security works as a firewall for our web applications and allows us to monitor traffic on a real-time basis. It also helps us to protect our websites or web server from brute force attacks. You can simply install mod_security on your server with the help of your default package installers.

Install mod_security on Ubuntu/Debian:

    sudo apt-get install libapache.

Install mod_security on RHEL/CentOS/Fedora:

    yum install mod_security

Mod_evasive

mod_evasive works very efficiently; it takes one request to process and processes it very well. It prevents DDoS attacks from doing as much damage. This feature of mod_evasive enables it to handle HTTP brute force and DoS or DDoS attacks. This module detects attacks with three methods.

- If so many requests come to the same page a few times per second.
- If any child process is trying to make more than 5.
- If any IP is still trying to make new requests when it is temporarily blacklisted.

Here, we have an installation and setup guide for these modules which will help you to set up these Apache modules on your Linux box: Protect Apache using ModSecurity and Mod_evasive.

Disable Apache's following of Symbolic Links

By default Apache follows symlinks; we can turn off this feature with FollowSymLinks with the Options directive.
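
The settings walked through on this page (ServerSignature, ServerTokens, directory listing, symlink following and the account Apache runs as) can be checked mechanically against a configuration file. The script below is an added example, not code from the original article; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit an httpd.conf for the
# hardening settings covered above. Prints one finding per line, nothing if clean.

# Last active (uncommented) value of a one-argument directive, lower-cased.
directive_value() {
    awk -v d="$2" 'tolower($1) == tolower(d) { v = tolower($2) } END { print v }' "$1"
}

# Active Options lines that switch on the named option (bare, "+opt" or "All").
options_enabling() {
    awk -v o="$2" 'tolower($1) == "options" {
        for (i = 2; i <= NF; i++) {
            f = tolower($i); sub(/^\+/, "", f)
            if (f == tolower(o) || f == "all") { print NR ": " $0; break }
        }
    }' "$1"
}

audit_apache_conf() {
    conf=$1
    # A missing directive counts as a finding: the setting is not pinned.
    [ "$(directive_value "$conf" ServerSignature)" = "off" ] ||
        echo "ServerSignature is not Off"
    case "$(directive_value "$conf" ServerTokens)" in
        prod|productonly) ;;
        *) echo "ServerTokens is not Prod" ;;
    esac
    [ -z "$(options_enabling "$conf" Indexes)" ] ||
        echo "directory listing enabled (Options Indexes)"
    [ -z "$(options_enabling "$conf" FollowSymLinks)" ] ||
        echo "symlink following enabled (Options FollowSymLinks)"
    case "$(directive_value "$conf" User)" in
        ""|root|nobody|daemon) echo "User is unset, root, nobody or daemon" ;;
    esac
}

# Constructed sample config for the demo run.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ServerSignature On
#ServerTokens Prod
User daemon
<Directory /var/www/html>
    Options Indexes FollowSymLinks
</Directory>
EOF
audit_apache_conf "$sample"
rm -f "$sample"
```

The check reads a single file and does not follow Include directives, so run it against each configuration file the server loads.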