
More than 3 years have passed since last update.


Apache measures to avoid giving attackers useful information

For nginx, see: Things that may be worth quickly taking care of when introducing Nginx - Qiita

Check
curl -I http://url〜

Do not output the Apache version

httpd.conf
- ServerTokens Full
+ ServerTokens Prod
  • ServerSignature Off is unnecessary when Prod is set.
curl localhost/aaa
 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
 <html><head>
 <title>404 Not Found</title>
 </head><body>
 <h1>Not Found</h1>
 <p>The requested URL /aaa was not found on this server.</p>
 <hr>
+<address>Apache/2.4.7 (Ubuntu) Server at localhost Port 80</address>
 </body></html>

Do not output the PHP version

php.ini
- expose_php = On
+ expose_php = Off

Do not display the Apache welcome page

cd /etc/httpd/conf.d/
mv welcome.conf welcome.conf.org

The following seems unnecessary nowadays.

Improving Basic authentication security for early IE6 and older

telnet dummy.hoge.jp 80
  • Type OPTIONS / HTTP/1.0 and press Enter twice.

Allow: GET,HEAD,POST,OPTIONS,TRACE

To disable TRACE, use the following

httpd.conf
+ TraceEnable Off
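
The header checks above (curl -I and the OPTIONS request) can be scripted so they are repeatable after each config change. The following is an added example, not part of the original article: a shell function, hypothetically named audit_headers, that reads response headers on stdin and reports a Server version token, an X-Powered-By header (how expose_php = On shows up in a response), or TRACE in Allow. The two sample responses are constructed.

```shell
#!/bin/sh
# Added example (not from the original article).
# audit_headers: read raw HTTP response headers on stdin, print one line per
# disclosure covered on this page, and return 1 if anything was found.
audit_headers() {
    awk '
    {
        sub(/\r$/, "")                  # HTTP headers end in CRLF
        colon = index($0, ":")
        if (colon == 0) next            # status line or blank line
        name  = tolower(substr($0, 1, colon - 1))
        value = substr($0, colon + 1)
        sub(/^[ \t]+/, "", value)
    }
    # ServerTokens Prod sends the bare product name; "/" or "(" means a
    # version or OS token is still being sent.
    name == "server" && value ~ "[/(]" { print "LEAK server-version: " value; bad = 1 }
    # expose_php = On adds this header.
    name == "x-powered-by"             { print "LEAK x-powered-by: " value; bad = 1 }
    # The page checks the Allow header for TRACE before setting TraceEnable Off.
    name == "allow" && toupper(value) ~ /(^|[ ,])TRACE([ ,]|$)/ {
        print "LEAK trace-enabled: " value; bad = 1
    }
    END { exit bad + 0 }
    '
}

# Constructed sample responses (not captured from a real server).
sample_before() {
    printf '%s\r\n' 'HTTP/1.1 200 OK' \
        'Server: Apache/2.4.7 (Ubuntu)' \
        'X-Powered-By: PHP/5.5.9' \
        'Allow: GET,HEAD,POST,OPTIONS,TRACE' ''
}
sample_after() {
    printf '%s\r\n' 'HTTP/1.1 200 OK' \
        'Server: Apache' \
        'Allow: GET,HEAD,POST,OPTIONS' ''
}

echo "== before =="; sample_before | audit_headers || true
echo "== after ==";  sample_after  | audit_headers && echo "no leaks found"
```

Against a real server, pipe the output of curl -sI (or curl -si -X OPTIONS for the Allow check) into audit_headers in place of the sample functions.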