1. Disable Signature (server version number and ServerName of the serving virtual host.)
2. Disable Banner (Server response header field, OS-type of the server, etc.)
3. Disable Directory Listing
Ref:
http://geekflare.com/apache-web-server-hardening-security/
2. Disable Banner (Server response header field, OS-type of the server, etc.)
vi httpd.conf vi httpd-default.conf ServerTokens Prod ServerSignature Off
3. Disable Directory Listing
httpd.conf Options -Indexes +FollowSymLinks +Includes +ExecCGI4. Timeout value configuration
vi httpd-default.conf Timeout 605. Hide PHP version info in HTTP header
vi php.ini display_errors=Off //hide php error info expose_php = Off
Ref:
http://geekflare.com/apache-web-server-hardening-security/
No comments:
Post a Comment