![]() ![]() Edit /etc/httpd/conf/nf as follows: ServerTokens Prod Hide information about the web server and the operating system in HTTP responses. ![]() Disable directory listing in order to prevent the browser from displaying the contents of a directory if there is no index.html present in that directory.Įdit /etc/httpd/conf/nf (and the configuration files for virtual hosts, if any) and make sure that the Options directive, both at the top and at Directory block levels, is set to None: Options Noneģ. The user Apache is running as should not have access to a shell: # usermod -s /sbin/nologin tecmintĢ. To further secure your Apache installation, follow these steps:ġ. TCP port 8100), you will have to add it to SELinux port context for the httpd service: # semanage port -a -t http_port_t -p tcp 8100 Note that, due to SELinux policies, you can only use the ports returned by # semanage port -l | grep -w '^http_port_t' # firewall-cmd -zone=public -add-port=9000/tcp -permanent # systemctl restart httpdĪnd don’t forget to enable the new port (and disable the old one) in the firewall: # firewall-cmd -zone=public -remove-port=80/tcp -permanent # apachectl configtestĪnd if everything is OK, then restart the web server. ![]() You can test the configuration file with. tecmint/ tecmint) to run the web server as and changing the default port to a higher one ( 9000 in this case): ServerRoot "/etc/httpd" The first security measure will consist of creating a dedicated user and group (i.e.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |