domenica, Aprile 18, 2021

How to enable TLS v1.2 in Apache2

To add TLS1.2 you just need to add in your https virtual host configuration: SSLProtocol -all +TLSv1.2 -all is removing other ssl protocol (SSL 1,2,3 TLS1) +TLSv1.2 is adding TLS 1.2 for more browser compatibility...

Apache2 – Authentication using MySQL backend

This tutorial will explain how to use a MySQL backend in order to authentication users against your Apache website. To achieve this we will use Apache2 and its auth_mysql module. Here, we...

How-to – Verifiy if Apache running as prefork or worker

To verify if Apache running as prefork or worker, do the following command: [email protected]:~$ apache2 -l Compiled in modules: core.c mod_log_config.c mod_logio.c worker.c http_core.c mod_so.c Here we find the module worker.c, hence I'm running the worker MPM.

How to create a self-signed SSL Certificate (testing use)

Overview The following is an extremely simplified view of how SSL is implemented and what part the certificate plays in the entire process. Step 1: Generate a Private Key The openssl toolkit is used...

How-to – Apache2 – LimitRequests reached

If the Apache Error Log file displays the following error (debug mode), may need to change the Request Line/Request Fields/Request Field Size, Request Body limit values. Request header exceeds LimitRequestFieldSize: Authorization ...

How-to – Apache2 – Request header/Request body timeout

If the Apache Error Log file displays the following error (debug mode), may need to change the timeout values ​​within the Apache's reqtimeout module located in /etc/apache2/mods-enabled (Debian/Ubuntu). Restart the Apache service...

Apache – .htaccess Security

Below you see a list of the important rules that you can add to your .htaccess file to harden security, by greatly limiting the exposure of your website to many types...

Apache – GET/POST Security

Below is a useful code to block out some common exploits for GET/POST values with .htaccess Simply add the code to your /public_html/.htaccess file: # GET/POST Security with .htaccess Options +FollowSymLinks RewriteEngine On # # Block out...

How To Tune Apache – mpm prefork

Recognize that Ubuntu 14.04 uses Apache 2 with PHP running through an mpm_prefork module (Debian 8 use mpm_event), of which an editable file is in /etc/apache2/mods-enabled/mpm_prefork.conf. Also, recognize that starting...

Bad Bots and Spider list

Below is a useful code block for blocking a lot of the known bad bots and site rippers currently out there. Simply add the code to your /public_html/.htaccess file: # Bad bot SetEnvIfNoCase User-Agent...