Apache Web page security optimization

Apache Web security optimization

Apache Overview of web page optimization ：

In the enterprise , Deploy Apache Only the default configuration parameters are used , Can send many questions about network defense , In other words, the photo recognition configuration is for the previous lower server configuration ,

The previous configuration is no longer suitable for today's Internet era .

Web page compression practice

First step ： Check for installation mod_deflate modular :

The second step ： No installation mod_deflate modular , Recompile install Apache Add this module

1） Close the service , Then on httpd After the file is backed up , Install the program

2） Recompile install Apache add to mod_deflate modular

3） Recompile install

The third step ： To configure mod_deflate modular

1） Amendment No 51 That's ok , then 52 Line comment out

2） modify 105 Row sum 197 That's ok

3） Add configuration in the last line

Step four ： Check the installation , Start the service

Step five ： test mod_deflate Is compression effective

\1. Drag in the picture , Then edit index.html file

echo “192.168.153.30 www.nj.com” >> /etc/hosts

Web caching Practice

First step ： Check for installation mod expires modular

The second step ： If not installed mod_expires modular , Recompile install Apache add to mod_expires modular

1） Install the program

2） Load module

3） Recompile install

The third step ： To configure mod_expires Module enable

1） Switch directories and then modify the monitored IP Address

2） Cancel 111 Comment on line

3） Modify domain name

4） Add configuration in the last line

Step four ： Check the installation , Start the service

Step five ： test result

1） Go to the web page , Then clean up the records and refresh

2） Check whether the cache is effective

Apache Security optimization

Hide version information Practice

First step ： modify httpd.conf file , The modification is as follows

The second step ： modify httpd-default.conf file , The modification is as follows

test

Configure anti-theft chain Practice

First step ： Check for installation mod rewrite modular

The second step ： If not installed mod_rewrite modular , Recompile install Apache add to mod rewrite modular

1） Out of Service , Then back up the files , Conduct yum Erection sequence

2） add to mod rewrite modular

3） Recompile install

The third step ： To configure mod_rewrite Module enable

1） modify /usr/local/httpd/conf/httpd.conf file , Cancel 157 Line notes

2） stay 224 Add these configurations below the line （ I found it on the virtual machine , This is a screenshot of forgetting to finish ）

Step four ： Chain theft test

1） Configure on the source host （ This screenshot is wrong , The process of forgetting to modify back is such a process ）

Configure on the chain stealing host httpd Related configuration

Configure temporary domain name resolution on the chain stealing host

5） Visit the website address of the stealing host on the stealing host （ Remember to clean up the history and cache, and then refresh the web page ）