you’ll examine the security options
available in the main Apache configuration file, httpd.conf. That file can be
modified to secure the entire server or to configure security on a
directory-by-directory basis. Directory controls secure access by the server,
as well as by users who connect to the web sites on the server. To explore the
basics of Apache security, start with the first default active line in
httpd.conf:
ServerTokens OS
This line looks deceptively simple; it
limits the information displayed about a web server when you navigate to a
nonexistent page to the following message:
Apache/2.2.15 (Red Hat) Server at localhost Port 80
Contrast that output with what happens
with a ServerTokens Full line:
Apache/2.2.15 (Red Hat) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.0-fips mod_wsgi/3.2 Python/2.6.5 mod_perl/2.0.4 Perl/v5.10.1 Server at localhost Port 80
In other words, with one option,
outsiders can see whether modules such as Perl, Python, and PHP have been
loaded, along with their version numbers. Not everyone updates their
software in a perfectly timely manner, so when a cracker sees a
version that has been compromised, your servers will face additional risks. Next,
you can restrict access to the directory defined by the ServerRoot directive
as shown here:
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
This configures a
very restrictive set of permissions. The Options FollowSymLinks line
supports the use of symbolic links for web pages. The AllowOverride None line
disables any .htaccess files. The ServerRoot directive points to
/etc/httpd, which contains Apache configuration files. Without the AllowOverride
None line, a cracker who inserts a malicious .htaccess file can
configure permissions that allow any user to change such configuration
files. However, there’s an appropriate use for .htaccess files. For
example, when placed in a subdirectory such as /www/html/project, a
.htaccess file can be used to permit access to a group, and such changes would apply
only to that directory. You can improve this by limiting access to all
but explicitly allowed users, by adding the following commands to the
desired <Directory> container:
Order deny,allow
Deny from all
The next <Directory> container
example limits access to /var/www/html, which corresponds to the default DocumentRoot
directive (while these directives are divided by numerous comments, they
are all in the same stanza):
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
The Options directive is
different; the Indexes setting allows readers to see a list of files on
the web server if no index.html file is present in the specified directory. The
Order and Allow lines allow all users to access the web pages on
this server. Finally, the Listen directive defines the IP address and
TCP/IP port for this server. For example, the default shown next means that
this server will work with every computer that requests a web page from any of
the IP addresses for your computer on the standard TCP/IP port, 80:
Listen 80
If more than one IP address is
available on the local system, the Listen directive can be used to limit
access to one specific IP address. For example, if a system has two network
cards with IP addresses 192.168.0.200 and 192.168.122.1, the following directive
can help limit access to systems on the 192.168.122.0 network:
Listen 192.168.122.1:80
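A small audit of the directives covered in this section, as an added example that is not part of the original article: it reads httpd.conf text in Apache 2.2 syntax and reports ServerTokens Full (or a missing ServerTokens line), Options Indexes, an AllowOverride value other than None, and a Listen line with no IP address. The sample configuration and the audit function are constructed for illustration.

```python
import re

# Constructed sample in Apache 2.2 syntax; not taken from a real server.
SAMPLE_CONF = """\
ServerTokens Full
Listen 80
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
# ServerTokens OS   (commented out, so it must be ignored)
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride AuthConfig
</Directory>
"""

def audit(conf_text):
    """Return (line_no, scope, message) findings for the directives discussed above."""
    findings, scope, saw_tokens = [], "server", False
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):      # Apache comments are whole lines
            continue
        opened = re.match(r'<Directory\s+"?([^">]+)"?\s*>', line, re.I)
        if opened:                                # entering a <Directory> container
            scope = opened.group(1)
            continue
        if line.lower().startswith("</directory"):
            scope = "server"
            continue
        name, *args = line.lower().split()        # directive names are case-insensitive
        if name == "servertokens":
            saw_tokens = True
            if args[:1] == ["full"]:
                findings.append((no, scope, "ServerTokens Full exposes module versions"))
        elif name == "options" and {"indexes", "+indexes", "all"} & set(args):
            findings.append((no, scope, "Options Indexes lists files when no index.html exists"))
        elif name == "allowoverride" and args != ["none"]:
            findings.append((no, scope, "AllowOverride permits .htaccess overrides"))
        elif name == "listen" and args and args[0].isdigit():
            findings.append((no, scope, "Listen binds the port on every local IP address"))
    if not saw_tokens:                            # with no directive, Apache uses Full
        findings.append((0, "server", "ServerTokens unset; Apache defaults to Full"))
    return findings

if __name__ == "__main__":
    for no, scope, msg in audit(SAMPLE_CONF):
        print(f"line {no:>3} [{scope}] {msg}")
```

Each finding carries the enclosing <Directory> path, so an override allowed in one subdirectory is not confused with a server-wide setting.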