Monday 27 October 2014

Apache Hardening



Change Apache Server Signature with mod_security

vim /etc/httpd/conf/httpd.conf
ServerTokens ProductOnly
ServerSignature Off

# Restart Apache

[root@GAIDL-5013 ~]# curl -LI localhost
HTTP/1.1 302 Found
Date: Mon, 27 Oct 2014 14:39:40 GMT
Server: Apache
Location: http://localhost/ovirt-engine/
Connection: close
Content-Type: text/html; charset=iso-8859-1

HTTP/1.1 503 Service Temporarily Unavailable
Date: Mon, 27 Oct 2014 14:39:40 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1

### To hide the "Server: Apache" value shown above, apply the settings below ###

# yum install mod_security
# vim /etc/httpd/conf.d/mod_security.conf

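## Add the two lines below after the SecRuleEngine On directive. ##
## ServerTokens Full is required: SecServerSignature only takes effect when Apache is set to emit the full banner. ##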
    ServerTokens Full
    SecServerSignature Mansoor_Web_Server

# Restart Apache

[root@GAIDL-5013 ~]# curl -LI localhost
HTTP/1.1 302 Found
Date: Mon, 27 Oct 2014 14:41:21 GMT
Server: Mansoor_Web_Server mod_perl/2.0.4 Perl/v5.10.1
Location: http://localhost/ovirt-engine/
Connection: close
Content-Type: text/html; charset=iso-8859-1

HTTP/1.1 503 Service Temporarily Unavailable
Date: Mon, 27 Oct 2014 14:41:21 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1
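
The second curl output above still carries mod_perl/2.0.4 and Perl/v5.10.1 after the custom name. The script below is an added example (not from the original post) that reads curl -sLI output and reports every Server token that still discloses a version. The function name audit_server_header is hypothetical, and the embedded sample headers are constructed from the two outputs shown in this post.

```shell
#!/bin/sh
# Added example, not from the original post.
# audit_server_header (hypothetical name) reads raw response headers on stdin,
# e.g. from: curl -sLI http://localhost | audit_server_header
# It prints "<response number> <token>" for every Server token that carries a
# version, and returns 1 if any was found, 0 otherwise.
audit_server_header() {
    awk '
        { sub(/\r$/, "") }                        # curl -I output ends lines with CRLF
        /^HTTP\/[0-9.]+ [0-9]+/ { resp++; next }  # status line: next response in the chain
        tolower($1) == "server:" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /\/v?[0-9]/) {           # product/version, e.g. mod_perl/2.0.4
                    print resp, $i
                    found = 1
                }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed samples: the two header sets shown in this post.
BEFORE='HTTP/1.1 302 Found
Date: Mon, 27 Oct 2014 14:39:40 GMT
Server: Apache
Location: http://localhost/ovirt-engine/

HTTP/1.1 503 Service Temporarily Unavailable
Connection: close'

AFTER='HTTP/1.1 302 Found
Date: Mon, 27 Oct 2014 14:41:21 GMT
Server: Mansoor_Web_Server mod_perl/2.0.4 Perl/v5.10.1
Location: http://localhost/ovirt-engine/

HTTP/1.1 503 Service Temporarily Unavailable
Connection: close'

for sample in "$BEFORE" "$AFTER"; do
    if leaks=$(printf '%s\n' "$sample" | audit_server_header); then
        echo "OK: no version in Server header"
    else
        echo "LEAK: $leaks"
    fi
done
```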

Reference: http://www.queryadmin.com/206/change-apache-server-signature-mod_security/ & http://www.howtoforge.com/changing-apache-server-name-to-whatever-you-want-with-mod_security-on-debian-6