[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

246852

 
 

909

 
 

194149

 
 

282

 
 
Paid content will be excluded from the download.

Filter
Matches : 30385 Download | Alert*

Disable Server Activity Status The 'status' module provides real-time access to statistics on the internal operation of the web server. This may constitute an unnecessary information leak and should be disabled unless necessary. To do so, comment out the related module: '#LoadModule status_module modules/mod_status.so' If there is a critical need for this module, ensure that access to the status ...

Disable Web Server Configuration Display The 'info' module creates a web page illustrating the configuration of the web server. This can create an unnecessary security leak and should be disabled. If its functionality is unnecessary, comment out the module: '#LoadModule info_module modules/mod_info.so' If there is a critical need for this module, use the 'Location' directive to provide an access ...

Disable URL Correction on Misspelled Entries The 'speling' module attempts to find a document match by allowing one misspelling in an otherwise failed request. If this functionality is unnecessary, comment out the module: '#LoadModule speling_module modules/mod_speling.so' This functionality weakens server security by making site enumeration easier.

Disable Proxy Support The 'proxy' module provides proxying support, allowing 'httpd' to forward requests and serve as a gateway for other servers. If its functionality is unnecessary, comment out the module: '#LoadModule proxy_module modules/mod_proxy.so'

Disable Cache Support The 'cache' module allows 'httpd' to cache data, optimizing access to frequently accessed content. However, it introduces potential security flaws such as the possibility of circumventing 'Allow' and 'Deny' directives. If this functionality is unnecessary, comment out the module: '#LoadModule cache_module modules/mod_cache.so' If caching is required, it should not be enable ...

Disable CGI Support The 'cgi' module allows HTML to interact with the CGI web programming language. If this functionality is unnecessary, comment out the module: '#LoadModule cgi_module modules/mod_cgi.so'

Restrict Root Directory The 'httpd' root directory should always have the most restrictive configuration enabled. <Directory / > Options None AllowOverride None Order allow,deny </Directory>

Restrict Web Directory The default configuration for the web ('/var/www/html') Directory allows directory indexing ('Indexes') and the following of symbolic links ('FollowSymLinks'). Neither of these is recommended. The '/var/www/html' directory hierarchy should not be viewable via the web, and symlinks should only be followed if the owner of the symlink also owns the linked file. Ensure that t ...

Install mod_ssl Install the 'mod_ssl' module: '$ sudo yum install mod_ssl'

Set Permissions on the /var/log/httpd/ Directory Ensure that the permissions on the web server log directory is set to 700: '$ sudo chmod 700 /var/log/httpd/' This is its default setting.


Pages:      Start    3027    3028    3029    3030    3031    3032    3033    3034    3035    3036    3037    3038    ..   3038

© SecPod Technologies