Apache Security
1, the right to minimize
Apache users can only use Apache users to perform
View Ps-ef | grep http
2.ensure that only the root user can modify files under the Web root directory
Chown root:root/var/www/html
Find/var/www/html-type f-exec chmod 644 {} \;
Find/var/www/html –type d-exec chmod 755 {} \;
3, open the Apache logging function, record the client IP, Access time, request page, send bytes,Agent and other information.
Logformat "%h%l%u%t \"%r\ "%>s%b \"%{referer}i\ "\"%{user-agent}i\ "" combined
Customlog Logs/access_log combined
can be modified according to the situation Logformat, record the required information.
4. Custom Error Messages
Reference configuration Actions
Create error page 400.html,401.html,402.html,403.html , 404.html , etc., in httpd.conf Add
ErrorDocument 400/error/400.html
ErrorDocument 401/error/401.html
ErrorDocument 402/error/402.html
ErrorDocument 403/error/403.html
ErrorDocument 404/error/404.html
5. only partial IP access to the sensitive directory of the website is allowed.
Reference configuration Actions
<directory "/var/www/html/admin" >
Order Allow,deny
Allow from 192.168.0.0/255.255.255.0
</Directory>
6. Disable the Directory browsing feature of Apache
Reference configuration Actions
As the following configuration
<directory "/var/www/html" >
Options Indexes FollowSymLinks
AllowOverride None
Order Allow,deny
Allow from all
</Directory>
Switch
Options-indexes FollowSymLinks
==============================================================
Compy Update Date: 2017-09-26 23:57 q Group: 627806889
==============================================================
Apache Security < a >