Secure Apache Configuration
来源:互联网 发布:微店和淘宝哪个安全 编辑:程序博客网 时间:2024/05/01 19:06
Hide the Apache Version number, and other sensitive information.
ServerSignature OffServerTokens Prod
The ServerSignature appears on the bottom of pages generated by apache such as 404 pages, directory listings, etc.
The ServerTokens directive is used to determine what Apache will put in the Server HTTP response header. By setting it toProd it sets the HTTP response header as follows:
Server: Apache
Make sure apache is running under its own user account and group
User apacheGroup apache
Ensure that files outside the web root are not served
<Directory />Order Deny,AllowDeny from allOptions NoneAllowOverride None</Directory><Directory /web>Order Allow,DenyAllow from all</Directory>
Turn off directory browsing
Options -Indexes
Turn off server side includes
Options -Includes
Turn off CGI execution
Options -ExecCGI
Don't allow apache to follow symbolic links
Options -FollowSymLinks
Turning off multiple Options
Turn off all Options:
Options None
Turn off some Options:
Options -ExecCGI -FollowSymLinks -Indexes
Turn off support for .htaccess files
AllowOverride None
Lower the Timeout value
Timeout 45
Restricting Access by IP
Order Deny,AllowDeny from allAllow from 127.0.0.1
Config in httpd.conf
0 0
- Secure Apache Configuration
- 20 ways to Secure your Apache Configuration
- Apache Configuration
- Apache Configuration
- Apache Commons-configuration 范例
- Apache Virtual Host Configuration
- rails apache 2.2+ configuration
- Apache Commons Configuration 使用
- Apache Tomcat Configuration Reference
- Apache Common-Configuration工具
- Apache Tomcat Configuration Reference
- apache common configuration
- Apache+PHP+MySQL Configuration
- Apache HBase Configuration
- Apache Commons Configuration
- Apache Server configuration
- org.apache.commons.configuration.Configuration 配置文件
- Juniper(r) Networks Secure Access SSL VPN Configuration Guide
- ZOL上,下载的这个嵌入版本如何使用
- ndb cluster部署
- 机器学习其实比你想的更简单
- 事件驱动模式·
- centos5.7_x64下 nagios 快速部署
- Secure Apache Configuration
- 字符串按词典分割
- 快速部署zabbix监控服务器
- Why so many Python web frameworks
- hadoop作业引用第三方jar文件
- oracle locks query
- MapReduce的input为SequenceFile的相关实验
- 如何获取客户端真实IP地址
- 更新了android sdk出现aapt问题以及模拟器启动错误