Difference between revisions of "Apache"

From LUG

Revision as of 11:04, 5 January 2018

This document describes how, after a standard install of Apache on a RHEL server, we further configure Apache so that it is somewhat hardened.


{| class="wikitable"
! Directive and setting !! Description/rationale
|-
| Comment out LoadModule info_module modules/mod_info.so || mod_info gives out too much information about your web server to potential attackers.
|-
| Comment out LoadModule status_module modules/mod_status.so || mod_status gives out server stats via web pages.
|-
| Comment out LoadModule userdir_module modules/mod_userdir.so || mod_userdir translates URLs to user-specific directories.
|-
| Comment out LoadModule autoindex_module modules/mod_autoindex.so || mod_autoindex provides directory listings when no index.html file is present.
|-
| AddIcon, AddIconByEncoding, AddIconByType, DefaultIcon, IndexOptions, AddDescription, ReadmeName, HeaderName, IndexIgnore (remove) || Remove all references to these directives, since we disabled the fancy indexing module.
|-
| /manual || Remove manual pages.
|-
| /icons || Remove icons.
|-
| ServerSignature Off || Prevents the server from giving version info on error pages.
|-
| ServerTokens Prod || Prevents the server from giving version info in HTTP headers.
|-
| TraceEnable Off || Causes the core server and mod_proxy to return a 405 (Method Not Allowed) error to a client that sends a TRACE request.
|-
| UserDir disabled root || Remove the UserDir line, since we disabled this module. If you do enable user directories, you'll need this line to protect root's files.
|-
| FileETag MTime Size || Disables inode-based ETag generation. Adding this directive to your Apache config removes inode information from the ETag header.
|}
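One way to check a config file against the table above, as an added example that is not part of the original wiki page. The `audit` function, the sample config and the `Alias` check for `/icons` and `/manual` are assumptions made for illustration; the script reads one file at a time and does not follow `Include` directives, so run it on each included file separately.

```python
import re

# Constructed sample, not a real server's config: a partly hardened httpd.conf.
SAMPLE = """\
LoadModule status_module modules/mod_status.so
#LoadModule info_module modules/mod_info.so
ServerTokens OS
ServerSignature Off
traceenable off
IndexOptions FancyIndexing
Alias /icons/ "/usr/share/httpd/icons/"
"""

DISABLED_MODULES = {"info_module", "status_module", "userdir_module", "autoindex_module"}
INDEX_DIRECTIVES = {"addicon", "addiconbyencoding", "addiconbytype", "defaulticon",
                    "indexoptions", "adddescription", "readmename", "headername",
                    "indexignore"}
REQUIRED = {"ServerSignature": "off", "ServerTokens": "prod",
            "TraceEnable": "off", "FileETag": "mtime size"}

def audit(conf_text):
    """Return (line_number, message) findings; line 0 means the directive is missing."""
    findings, seen = [], {}
    wanted = {k.lower(): k for k in REQUIRED}  # directive names are case-insensitive
    for n, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # only whole-line comments exist in httpd
            continue
        parts = line.split(None, 1)
        name, args = parts[0].lower(), (parts[1] if len(parts) > 1 else "")
        module = (args.split() or [""])[0]
        if name == "loadmodule" and module in DISABLED_MODULES:
            findings.append((n, module + " is still loaded"))
        elif name in INDEX_DIRECTIVES:
            findings.append((n, parts[0] + " should be removed"))
        elif name in ("alias", "aliasmatch") and re.search(r"/(icons|manual)\b", args):
            findings.append((n, "alias for /icons or /manual should be removed"))
        elif name in wanted:
            seen[wanted[name]] = (n, args.lower().split())  # keep the last occurrence
    for directive, want in REQUIRED.items():
        n, got = seen.get(directive, (0, None))
        if got is None or sorted(got) != sorted(want.split()):
            state = " ".join(got) if got else "not set"
            findings.append((n, f"{directive} is {state}, expected {want}"))
    return findings

if __name__ == "__main__":
    for n, msg in audit(SAMPLE):
        print(f"line {n}: {msg}")
```
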