
Securing Apache [Debian Linux]

I (tobor) demonstrate how to secure an Apache server on a Debian-based Linux system and show some of the reasons behind the settings. If you like what you see, please subscribe!

COMMANDS I USED
sudo apt update && sudo apt install -y apache2 apache2-utils libapache2-mod-security2 libapache2-mod-evasive
sudo a2enmod ssl headers security2 socache_shmcb unique_id rewrite

CONFIGURATION TEMPLATES
Fail2Ban (not covered in this video for brevity; possibly a separate video)
https://github.com/OsbornePro/ConfigTemplates/blob/main/fail2ban-apacheSSH-jail.local

Default-SSL File
https://github.com/OsbornePro/ConfigTemplates/blob/main/apache2-default-ssl.conf

SSL Module Conf File
https://github.com/OsbornePro/ConfigTemplates/blob/main/apache2-mods-enabled-ssl.conf

Security2 Module Conf File
https://github.com/OsbornePro/ConfigTemplates/blob/main/apache2-security.conf

Apache2.conf File
https://github.com/OsbornePro/ConfigTemplates/blob/main/apache2.conf

000-Default Site Conf File
https://github.com/OsbornePro/ConfigTemplates/blob/main/apache2file-000-default.conf

0:00 Intro Summary
1:17 What to install and enable
1:55 Unique ID Module
2:14 Apache user least privilege
4:01 Disabling unused HTTP Request Methods (TRACE, TRACK)
6:32 Rewrite Rules for security
11:45 Hiding Version and OS Info (Using Apache Config)
13:48 Hiding Version and OS Info (Security2 Module)
15:37 Custom Error Pages
16:57 Delete available online Apache docs (Older versions)
17:41 Turn ETags off
19:04 Secure Headers you can use
24:28 Create a Diffie Hellman Key
26:47 Strong TLS suites and ciphers
29:00 Using OCSP Stapling
31:45 Directory Traversals
32:40 Don't use .htaccess
35:40 Other settings to help against DoS related attacks
37:16 Thanks for watching!

Follow us on GitHub!
https://github.com/tobor88
https://github.com/OsbornePro

Official Site
https://osbornepro.com/

by OsbornePro LLC
