Ubuntu14.04

出自 新化國中wiki平台
前往: 導覽搜尋

apache2

httpd.conf 不直接include,或者不適用 ,可放在conf.d

  • 整個架構已微調:
	/etc/apache2/
	|-- apache2.conf
	|	`--  ports.conf
	|-- mods-enabled
	|	|-- *.load
	|	`-- *.conf
	|-- conf-enabled
	|	`-- *.conf
	`-- sites-enabled
	 	`-- *.conf
  • conf的設定改變
Require all denied

Require all granted

Require host xxx.com

Require ip 192.168.1 192.168.2

Require local
    1. Deny All
       2.2 configuration:
           Order deny,allow
           Deny from all
       2.4 configuration:
           Require all denied
    1. Allow All
       2.2 configuration:
           Order allow,deny
           Allow from all
       2.4 configuration:
           Require all granted
    1. Allow Host
       2.2 configuration:
           Order Deny,Allow
           Deny from all
           Allow from example.org
       2.4 configuration:
           Require host example.org
    1. Directory 用 Require all granted
       <Directory /var/>
       Options FollowSymLinks
       AllowOverride None
       Require all granted
       </Directory>
    1. FilesMatch 維持用 Order
       <FilesMatch ".+\.phps$">
       SetHandler application/x-httpd-php-source
       Order Deny,Allow
       Allow from all
       </FilesMatch>

資安設定

  1. apache2 可設在security
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range
FileETag None
ServerTokens Prod
  1. php.ini cookie over ssl with security
session.cookie_secure = 1