November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Categories

November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

BLOCKING IMAGE BANDWIDTH THEFT/HOTLINKING WITH URL REWRITING

You can stop others from hotlinking your site’s files by placing a file called .htaccess in your Apache site root (main) directory. The period before the name means the file is hidden, so you may want to edit your file as htaccess.txt, upload it to your server, then rename the txt file to .htaccess in […]

TEMPORARY “SITE DOWN” NOTICE IN APACHE Linux Web

“Site down for maintenance” notice using Apache .htaccess and the mod_rewrite module. I assume you know how to enable the Apache htaccess directive and the mod_rewrite module.

First you need to create a .htaccess file in your root level of your website. Next you add the following lines to it

Options +FollowSymlinks RewriteEngine on […]

Sudo And apache

a. login as root

b. Edit the sudoers file u uusing visudo command visudo Ensure the following is in the file if # is there infront of the line then remove it. Save the file hit esc key the : wq ## Allows people in group wheel to run all commands %wheel ALL=(ALL) ALL

c. […]

CentOS LAMP

# mount /dev/cdrom /mnt/cdrom

# vi /etc/yum.repos.d/CentOS-Media.repo

[c5-media] name=CentOS-$releasever – Media baseurl=file:///mnt/cdrom file:///media/cdrom/ file:///media/cdrecorder/ gpgcheck=1 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

2? /etc/yum.repos.d/CentOS-Base.repo # mv /etc/yum.repos.d/CentOS-Base.repo /backup

3? gcc?gcc-c++ yum -y install gcc yum -y install gcc-c++

2? RPM Apache?MySQL httpd?mysqld

service httpd stop service mysqld stop

chkconfig –level 2345 httpd?mysqld? off

3? SELinux?

1? SELinux

# vi /etc/selinux/config

[…]

CentOS6.8 compiler installation Apache2.4.25, MySQL5.7.16, PHP5.6.29 initialization

CentOS6.8 compiler installation Apache2.4.25, MySQL5.7.16, PHP5.6.29 initialization

# Fixed IP address vi /etc/sysconfig/network-scripts/ifcfg-eth0 ONBOOT=yes BOOTPROTO=none DNS1=202.96.209.133 IPADDR=192.168.159.68 PREFIX=24 GATEWAY=192.168.159.2

# The base library yum groupinstall base yum grouplist yum groupinstall ‘Development tools’ yum groupinstall ‘Debugging Tools’ yum groupinstall ‘Compatibility libraries’

Apache

mkdir /app/src -p cd /app/src/ wget -c http://mirrors.aliyun.com/apache/apr/apr-1.5.2.tar.gz wget -c http://mirrors.aliyun.com/apache/apr/apr-util-1.5.4.tar.gz wget -c http://mirrors.aliyun.com/apache/httpd/httpd-2.4.25.tar.gz […]

Migrating the Apache from 2.2 to 2.4 and write the procedure.

Migrating the Apache from 2.2 to 2.4 and write the procedure.

Also I think it can be used as SSL / TLS security setting example (2015).

table of contents Introduction environment Preliminary preparation Package Upgrade Apache2.4 setting Tomcat8 setting Starting the Server Confirmation Summary Related article Introduction

May Logjam Attack on measures to, (or higher […]

Proxying from Apache HTTPS to some backend server that only speaks HTTP

Proxying from Apache HTTPS to some backend server that only speaks HTTP

Here’s a use case: You want to run an application server that only speaks HTTP, but securely, over HTTPS. The problem is that the application server won’t know that it’s being accessed via HTTPS, so any URLs and redirects it generates might point […]

Configuring SSL and Gitlab through an Apache Reverse Proxy

Configuring SSL and Gitlab through an Apache Reverse Proxy

I’ve recently started to use Gitlab as an alternative to a Github paid account for projects I don’t wish to make public. I wanted to install Gitlab on a server which is used for a few other applications which all use Apache, while Gitlab […]

Access authorization in Apache 2.4

In Apache 2.4 the authorization configuration setup has changed from previous versions. Satisfy, Order, Deny and Allow have all been deprecated and replaced with new Require directives.

Below we’ve compiled some examples to guide you through the transition.

If you are upgrading a server using the legacy authorization directives you can make them work quickly […]

Securing Apache – TRACE TRACK XSS

Securing Apache – TRACE TRACK XSS

I always scan my servers every month with Openvas as one of my PCI-DSS task. And this week I locking down my Apache servers.

Add this in you vhost file ore in the welcome.conf file and rerun you scan.

TraceEnable off

RewriteEngine On

RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)

RewriteRule .* – […]