Ubuntu 12.04 Precise LTS: Install and secure Apache 2 web server








  1. Install apache2:
    sudo apt-get install apache2
  2. Hide the Apache Version number, and other sensitive information:
    sudo vi /etc/apache2/conf.d/security
    ServerTokens Prod
    ServerSignature Off
    
  3. Turn off directory browsing:
    sudo vi /etc/apache2/sites-available/default
    <Directory /var/www/>
        Options -Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>
    
  4. Follow this guide to install ModSecurity.
  5. Follow this guide to install ModEvasive.



No comments:

Post a Comment