First, the construction of the environment
Lab Environment:
Operating system: Centos 7.4
[[email protected] ~]# lsapr-1.6.3.tar.gz apr-util-1.6.1.tar.bz2 httpd-2.4.33.tar.gz pcre-8.41.tar.gz #主要的按照包, The following is a specific installation operation [[email protected] ~]# yum install-y bzip2[[email protected] ~]# tar xf apr-1.6.3.tar.gz [[email& Nbsp;protected] ~]# lsapr-1.6.3 apr-1.6.3.tar.gz apr-util-1.6.1.tar.bz2 httpd-2.4.33.tar.gz pcre-8.41.tar.gz[[email& Nbsp;protected] ~]# cd apr-1.6.3[[email protected] apr-1.6.3]# yum install-y gcc gcc-c++ #安装依赖包 [[Email prot Ected] apr-1.6.3]#/configure--prefix=/usr/local/apr[[email protected] apr-1.6.3]# make && make install [[email protected] ~]# tar xf apr-util-1.6.1.tar.bz2 [[email protected] ~]# CD apr-util-1.6.1[[email Protected] apr-util-1.6.1]#./configure [[email protected] apr-util-1.6.1]#./configure--prefix=/usr/local/ Apr-util--with-apr=/usr/local/apr/bin/apr-1-config [[email protected] apr-util-1.6.1]# yum install Expat-devel -Y #安装依赖包 [[email protected] apr-util-1.6.1]# make && make install[[email protected] ~]# tar xf pcre-8.41.tar.gz [[email protected] ~]# CD pcre-8.41[[ Email protected] pcre-8.41]#/configure--prefix=/usr/local/pcre[[email protected] pcre-8.41]# make & & Make Install
Second, hide Apache version information 1. Block sensitive information such as Apache version
#查看apache版本信息: [[email protected] ~]# curl-i 192.168.1.63http/1.1 Okdate:sun, 12:40:59 Gmtserver:ap ache/2.4.33 (Unix) mod_ssl/2.4.33 openssl/1.0.0-fips php/5.4.14x-powered-by:php/5.4.14content-type:text/html[[ Email protected] ~]# curl-i www.baidu.com http/1.1, Okaccept-ranges:bytescache-control:private, No-cache, no-s Tore, Proxy-revalidate, No-transformconnection:keep-alivecontent-length:277content-type:text/htmldate:mon, Jul 2018 08:32:29 Gmtetag: "575e1f71-115" Last-modified:mon, June 02:50:25 Gmtpragma:no-cacheserver:bfe/1.0.8.18[[em Ail protected] ~]# curl-i www.tencent.comHTTP/1.1 Okserver:nws_ugc_hyconnection:keep-alivedate:mon, 20 Jul 08:32:58 Gmtcache-control:max-age=600expires:mon, Jul 2018 08:42:58 Gmtlast-modified:fri, 02:11:37 GM Tcontent-type:text/htmlcontent-length:189x-nws-log-uuid:0f1c8273-b0fa-4d9c-87ae-f6d9c5c8ca99 989f50f8bc1bbda11f966c017556085fx-cache-lookup:hit from disktank[[email protected] ~]# curl-i www.taobao.comHTTP/1.1 302 FoundServer:TengineDate:Mon, Jul 2018 08:33:17 Gmtconte NT-TYPE:TEXT/HTMLCONTENT-LENGTH:258CONNECTION:KEEP-ALIVELOCATION:HTTPS://WWW.TAOBAO.COM/SET-COOKIE:THW=CN; path=/; domain=.taobao.com; Expires=tue, 16-jul-19 08:33:17 GMT; STRICT-TRANSPORT-SECURITY:MAX-AGE=315360001, in the Apache Master Profile httpd.conf, locate the line that contains the httpd-default.conf and unpack the comment [email protected] ~]# vim/usr/local/httpd/conf/httpd.conf486 #Include conf/extra/httpd-default.conf: 486 Include conf /extra/httpd-default.conf Note: In the case of a compilation installation, only this line will be able to undo the comment, and subsequent modifications can take effect. 2) Open the httpd-default.conf file, modify the following two places [[email protected] ~]# vim/usr/local/httpd/conf/extra/httpd-default.conf # Change the following line: Servertokens full serversignature on: Servertokens Prod serversignature off NOTE: Server tag product service Server Signature Restart service: [[email protected] ~]#/etc/init.d/apachectl Restart test: [[email protected] ~]# curl-i 192.168.1.63http/1.1 Okdate:sat, 09:07:00 gmtserver:apachex-Powered-by:php/5.4.14content-type:text/html Note: The message will still appear: Server:apache
The Apache tuning of Lamp