Apache安全

八月 22nd, 2009 Posted in Apache | 阅读次数: 70 次

1.查看加载的模块
httpd -l

2.隐藏和伪装版本
vi httpd.conf
ServerSigature off
ServerTokens Prod

3.禁止访问文档根目录之外的任何文件
vi httpd.conf
<Directory/>
order deny,allow
deny from all
</Directory>

<Directory /var/www/html>
order allow,deny
allow from all
</Directory>

4.使用ModSecurity模块加固Apache
功能:
请求过滤
反检测绕过技术
HTTP过滤规则
完全审计记录
HTTP解释
CHROOT功能
掩盖WEB服务器标识

5.使用CIS的APACHE BENCHMARK对APACHE进行安全检测
benchmark.pl -c /etc/httpd/conf/httpd.conf -o result.html

6.受权访问 加密码
htpasswd -c /usr/local/apache/passwd/passwords rbowen

<Directory “/var/www/html/db”>
AuthType Basic
AuthName “Restricted Files”
AuthUserFile /etc/httpd/passwd
Require user admin
</Directory>

随机日志


This entry was posted on 星期六, 八月 22nd, 2009 at 20:44 and is filed under Apache. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

9 Responses to “Apache安全”

  1. Panic Attack Treatment Says:

    五月 3rd, 2011 at 04:23

    Recent Favourite Websites…

    [...]while the sites I link to below are completely unrelated to mine, I think they are worth a read, so go and have a look http://www.panicattackstreatmentcure.net/links/…...


  2. Related Resources Says:

    五月 9th, 2011 at 20:18

    Interesting Posts…

    [...]some other related resources on the web that are worth viewing on this subject include[...]…


  3. Thrush Treatment Says:

    五月 9th, 2011 at 21:24

    Recent Favourite Sites…

    [...]below you’ll find my links page http://www.yeastinfectiontreatmentcure.net/links/ with some great sites that I think you should definitely go visit[...]…


  4. Related Resources Says:

    五月 13th, 2011 at 23:27

    Recommended Sites…

    [...]below you’ll see my recommended links page http://www.yeastinfectiontreatmentcure.net/links/ with some fantastic websites that I think you should definitely visit[...]…


  5. Resources Says:

    五月 26th, 2011 at 01:24

    Interesting Posts…

    [...]some other related resources on the web that are worth viewing on this subject include[...]…


  6. it services Says:

    六月 21st, 2011 at 16:02

    You should check this out……

    [...] Wonderful story, reckoned we could combine a few unrelated data, nevertheless really worth taking a look, whoa did one learn about Mid East has got more problerms as well [...]………


  7. bouton de manchette Says:

    六月 21st, 2011 at 16:03

    WOW! check this out!……

    Amazing Post, worth a read……


  8. advertisements Says:

    六月 22nd, 2011 at 21:57

    Our Trackback……

    [...]very few websites that happen to be detailed below, from our point of view are undoubtedly well worth checking out[...]………


  9. internet attorney newsletter Says:

    十一月 18th, 2011 at 20:21

    Great website…

    [...]we like to honor many other internet sites on the web, even if they aren’t linked to us, by linking to them. Under are some webpages worth checking out[...]………


留下您的脚印