Tags: apache

Sort by: Date / Title /

1. Blocking Web Access to Cron Jobs
   7 months ago by spirit
   it's also possibl with a .htaccess file and "deny from all " in that file
   1. if (isset($_SERVER['REMOTE_ADDR'])) die('Permission denied.');
   apachecronhtaccessphpsecurity
   Embed | Raw source | 0
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2039"></script>
2. ajouter un compte à un .htpasswd
   1 year ago by neorom
   1. htpasswd -c /mon_chemin/.htpasswd user
   apachebashcomptehtpasswd
   Embed | Raw source | 2
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1568"></script>
3. chown a svn project to www-data / exlude .svn directory with find
   1 year ago by spirit
   1. find . -name .svn -prune -o -print | xargs chown www-data:www-data
   2.  
   3. #Exclude another directory (cache)
   4. find . -name .svn -or -name cache -prune -o -print | xargs chown www-data:www-data
   apachechownexcludefindsvn
   Embed | Raw source | 0
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1417"></script>
4. Sponsorised links
   sponsorised links
5. Prevent Apache and PHP to disclose any information about themselves
   1 year ago by spirit
   1. /etc/apache2/apache2.conf
   2. > ServerTokens Prod
   3. > ServerSignature Off
   4.  
   5. /etc/php5/apache2/php.ini
   6. > expose_php = Off
   apachephpsecuritysignature
   Embed | Raw source | 0
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1405"></script>
6. Configurer un serveur local (sous Wamp) pour un accès en https (SSL) 
   1 year ago by cyo

   Dans un premier temps, suivre le tutoriel qui figure à cette adresse :
   http://apache.developpez.com/cours/apache20-modssl-windows/
   
   Regénérer la clé sans RSA (sinon message d'erreur "SSLPassPhraseDialog builtin is not supported on Win32") en ligne de commande (il faut d'abord faire une copie de la clé, ici : nom_du_serveur.key.org) :
   openssl rsa -in C:\"Program Files"\wamp\bin\apache\apache2.2.6\conf\ssl\nom_du_serveur.key.org -out C:\"Program Files"\wamp\bin\apache\apache2.2.6\conf\ssl\nom_du_serveur.key
   Voir http://www.entrust.net/knowledge-base/technote.cfm?tn=5634 pour les détails.
   
   Il faut paramétrer le VirtualHost du serveur concerné dans le fichier httpd-ssl.conf.
   En cas d'erreur, les logs se trouvent dans C:\Program Files\wamp\logs\apache_error.log

   apacheconfigurationhttpssslwampwindows
   Embed | Raw source | 0
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1351"></script>
7. Apache Tips: Disable the HTTP TRACE method
   1 year ago by spirit
   Most vulnerability scanners will complain about TRACE method being enabled on the web server tested. This tip disable it and return a 403 FORBIDDEN error to the client (apache versions newer than 1.3.34 for the legacy branch, and 2.0.55 for apache2).

   This needs to be added in the main server config and the default is enabled (on):
   
   TraceEnable Off

   apachehttpsecuritesecuritytipstrace
   Embed | Raw source | 0
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1337"></script>
8. Identifier la version de PHP installée sur un serveur
   1 year ago by cyo

   en ligne de commande :
   
   php -v
   ou :
   php5 -v

   apachebashphp
   Embed | Raw source | 0
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1281"></script>
9. Trouver les logs de connections sur un serveur Apache
   1 year ago by cyo

   Regarder dans le répertoire :
   /var/log/httpd

   apachelog
   Embed | Raw source | 0
   Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1279"></script>
10. Appliquer les changements sur Apache après avoir fait des modifs dans php.ini
    2 years ago by cyo
    1. service httpd reload
    apachebashlinuxphpshell
    Embed | Raw source | 0
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1185"></script>
11. Apache mod_deflate (réduire la consommation de bande passante)
    2 years ago by spirit

    # Activer le module
    a2enmod deflate
    
    # On compresse les types mime suivants (hmtl, texte, xml, css, js)
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript
    
    # Niveau de compression
    DeflateCompressionLevel 9
    
    # Règles particulières pour navigateur non compatibles
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    
    # On log pour voir le taux de compression
    DeflateFilterNote Input input_info
    DeflateFilterNote Output output_info
    DeflateFilterNote Ratio ratio_info
    LogFormat '"%r" %{output_info}n/%{input_info}n (%{ratio_info}n%%)' deflate
    CustomLog /var/log/apache2/deflate_log deflate

    apachecompressiondeflategzip
    Embed | Raw source | 0
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/1048"></script>

First / Previous / Next / Last / Page 1 of 2 (18 posteets)