Attn: alycia
Based on my findings yesterday, here are some hardening tips for your Apache server.
1. To disable server-info
Open your Apache httpd.conf and find the following paragraph:
SetHandler server-info
Order deny,allow
Allow from all
Change it to the following, then restart your Apache (httpd) server:
SetHandler server-info
Order deny,allow
#Allow from all
Deny from all
2. To disable server-status
Open your Apache httpd.conf and find the following paragraph:
SetHandler server-status
Order deny,allow
Allow from all
Change it to the following, then restart your Apache (httpd) server:
SetHandler server-status
Order deny,allow
#Allow from all
Deny from all
3. To disable directory listing, which is the most crucial part
Open your Apache httpd.conf and find the following paragraph:
Options FollowSymLinks ExecCGI Indexes
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
Change it to the following, then restart your Apache (httpd) server:
Options FollowSymLinks ExecCGI Indexes
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
#Allow from all
Deny from all
If you have done it right, you'll get a 403 Forbidden error message when trying to access the 'vulnerable' page.
Open source is secure only if you put some effort into securing it. Otherwise, it is more vulnerable compared to Windows.
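A way to check the three settings above offline, before restarting the server. This is an added example, not part of the original post: the audit() and check() helpers are hypothetical, and the section tags and paths in the sample config are constructed, since the post shows only the directives inside each block.

```python
import re
# Constructed sample httpd.conf; the <Location>/<Directory> tags and paths are assumptions.
SAMPLE_CONF = """\
<Location /server-info>
    SetHandler server-info
    Order deny,allow
    Allow from all
</Location>
<Location /server-status>
    SetHandler server-status
    Order deny,allow
    #Allow from all
    Deny from all
</Location>
<Directory "/var/www/html">
    Options FollowSymLinks ExecCGI Indexes
    Allow from all
</Directory>
"""
OPEN = re.compile(r"<(Location|Directory)\s+([^>]+)>", re.I)
CLOSE = re.compile(r"</(Location|Directory)>", re.I)
OPEN_ACLS = (["allow", "from", "all"], ["require", "all", "granted"])

def check(directives):
    """Flag the exposures the post covers within one section's directives."""
    issues = []
    handler = next((d[1] for d in directives if d[0] == "sethandler" and len(d) > 1), None)
    if handler in ("server-info", "server-status") and any(a in directives for a in OPEN_ACLS):
        issues.append(f"{handler} handler reachable by everyone")
    if any(d[0] == "options" and "indexes" in (o.lstrip("+") for o in d[1:]) for d in directives):
        issues.append("directory listing enabled (Options Indexes)")
    return issues

def audit(conf_text):
    """Return (section, issue) pairs; nested sections are not handled."""
    findings, section, directives = [], None, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented-out directives such as "#Allow from all" are inactive
        opened = OPEN.match(line)
        if opened:
            section, directives = opened.group(2).strip('"'), []
        elif CLOSE.match(line) and section is not None:
            findings += [(section, issue) for issue in check(directives)]
            section = None
        elif section is not None:
            directives.append(line.lower().split())
    return findings
```

The step 3 block is still reported after the change, because Indexes remains in its Options line: Deny from all blocks every request to that directory, while dropping Indexes is what turns off the listing itself.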
7 comments:
OK, I'll look at those steps... I want to try them on the server..
Thanks..
OK.. no problem
"Saya" (the formal "I")?.. crazy formal... did you two only just meet or what??
Oh come on.. you're making such a fuss, kecik :P
This is office language, hehehe...
Hahaha, "saya" is office language.. that's right.. "akak" and "abang" are office language too.. when you call someone "akak".. you automatically refer to yourself as "saya"
Yes, that's right...
It really is automatic like that...