May 2016
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Categories

May 2016
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Securing Apache – TRACE TRACK XSS

Securing Apache – TRACE TRACK XSS

I always scan my servers every month with Openvas as one of my PCI-DSS task. And this week I locking down my Apache servers.

Add this in you vhost file ore in the welcome.conf file and rerun you scan.

TraceEnable off

RewriteEngine On

RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)

RewriteRule .* – […]

Apache performance config

Apache performance config

Now on all my Apache i always load this Apache config. It enabled some apache standard performance config for Apache as a good standard.

KeepAlive. Gzip all transfer and local disk cache

my /etc/httpd/cond.f/01.conf

NameVirtualHost *:80 NameVirtualHost *:443

#Speedning upp webres Apache config

# 2 HOURS Header set Cache-Control “max-age=7200, public” # […]