Hardening Apache2 and PHP in Ubuntu 12.04 server

Step 1 : Edit php.ini file

             sudo nano /etc/php5/apache2/php.ini

#Add or Edit the following line in it .
   
             disable_functions = exec,system,shell_exec,passthru
 ; Decides whether PHP may expose the fact that it is installed on the server 
             expose_php =off
             magic_quotes_gpc = on
             display_errors = Off
             log_errors = On
             display_errors = Off
             log_errors = On
             display_errors = Off
             log_errors = On



Step 2 : Avoid Listing files in Apache Directory. Edit file
                 nano gedit /etc/apache2/sites-available/default


#Add or Edit the following line in it .
                <Directory /var/www/>
                Options -Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
                </Directory>

Add minus "-" infront of Indexes

Step 3: Install mod_evasive

sudo apt-get install libapache2-mod-evasive

Step 4 :Install ModSequrity module in Server
Step 5 :Disable Apache and Ubuntu Server Information on error page
           ServerTocken
           ServerSignature Off
           TraceEnable Off

              

Comments

Popular posts from this blog

Datastax Error : Cannot start node if snitch's data center (dc1) differs from previous data center (dc2)

Datastax Error : Cassandra - Saved cluster name Test Cluster != configured name

Configure Nagios plugin " check_logfiles " for scanning log file

Popular posts from this blog

Datastax Error : Cannot start node if snitch's data center (dc1) differs from previous data center (dc2)

Datastax Error : Cassandra - Saved cluster name Test Cluster != configured name

Configure Nagios plugin " check_logfiles " for scanning log file