Skip to main content

Server Security - Apache Web Server Hardening

Whenever any request is made from client to server then it sends some headers from server to client or vice versa. So when we receive server response we get some headers that give some extra information about the server.

This information or headers sometimes becomes vulnerable for hackers to break your server and get into it. In order to stop unauthorized access we secure our server.

So in this article “Server Security – Apache Web Server Hardening” I will secure the apache server by removing the server details from response headers. This comes under the Banner Grabbing Attack.

In the Banner Grabbing method, Hacker tries to identify the target system OS or server name and version to penetrate into the system.

To understand this look at the image below.

Server Vulnerability
Server Details

If you will look at the image you will find out, In server response headers we are actually getting the lots of details.

We are getting the following items:

1. Server Name and Version (Apache & 2.4.43)
2. OS Name (Win64)
3. Web Language Name and Version (PHP & 7.3.17 )

The above information is big enough to carry out attacks on your server.

Prevention:

So in order to prevent this attack the best way is to remove this sensitive information from response headers. To do this you have to make changes in httpd.conf file. This file basically the configuration file of your server.

You may find httpd.conf file on following location

Ubuntu – /etc/apache2
Cent OS – /etc/httpd/conf
Windows – wamp/apache2/conf/

Steps:

  1. Open httpd.conf file
  2. Then search for “ServerTokens” and set its value to Prod. If it does not exist then add it at the end of the file.
  3. Save the file.
  4. Restart the server.
Final Result

Note: In an earlier Apache version before 2.0.44, you have to set the “ServerSignature” value to On in order to achieve the same.

Version < 2.0.44

ServerSignature Off
ServerTokens Prod

Version > 2.0.44

ServerTokens Prod

Server Tokens Directive

Server Token has 5 Possible values

ServerTokens Prod[uctOnly]

Server sends (e.g.): Server: Apache

ServerTokens Major

Server sends (e.g.): Server: Apache/2

ServerTokens Minor

Server sends (e.g.): Server: Apache/2.0

ServerTokens Min[imal]

Server sends (e.g.): Server: Apache/2.0.41

ServerTokens OS

Server sends (e.g.): Server: Apache/2.0.41 (Unix)

ServerTokens Full (or not specified)

Server sends (e.g.): Server: Apache/2.0.41 (Unix) PHP/4.2.2 MyMod/1.2

Server Signature Directive

The ServerSignature appears on the bottom of pages generated by apache such as 404 pages, directory listings, etc.

Now after version, 2.0.44 ServerToken directive can control both

Suggested Read: Play Playstation 3 Games on PC

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

3D ANALYZER SETTINGS

Settings for Prince of Persia Sands of Time Works with this game, u can try wid others also which are not in above list Performance section: -force zBuffer Hardware limits: -emulate HW TnL caps -emulate Pixel shader caps ANTI-DETECT MODE section: -shaders Z-buffer section: -24 bit zbuffer(with stencil) DirectX DeviceID’s section: NVIDIA GeForce Ti4600 Configuration: VendorID : 4318 Device ID :592 Works well in the following or higher configuration -Intel 865GSA motherboard, -512 MB RAM, -Pentium D dual core 2.66 GHz processor, -No graphics card required…….. have fun.
184 comments
Read more

SMACKDOWN HERE COMES THE PAIN PCSX2 SETTINGS

Smack Down Here Comes The Pain Configuration: GRAPHICS-GSDX 1600(MSVC 15.00 SSSE3)0.1.15 CONTROLLERS-LILLY PAD 0.10.0 CDVDROM-EPP POLLING CDVD DRIVER 0.4.0 USB-USB NULL DRIVER 0.6.0 SOUND-SPU2-X1.1.0 SECOND CONTROLLER-LILLY PAD 0.10.0 DEV9-DEV9NULL DRIVER-0.4.0 FIRE WIRE-FWNULL DRIVER 0.5.0 BIOS-EUROPE V01.60(04/10/2001)CONSOLE SYSTEM REQUIREMENTS FOR PCSX2- MINIMUM - * Windows/Linux OS * CPU: Any that supports SSE2 (Pentium 4 and up, Athlon64 and up) * GPU: Any that supports Pixel Shader model 2.0, except Nvidia FX series (broken SM2.0, too slow anyway) * 512mb RAM (note Vista needs at least 2gb to run reliably) RECOMMENDED - * Windows Vista 32bit/64bit with the latest DirectX * CPU: Intel Core 2 Duo @ 3.2ghz or better * GPU: 8600gt or better (for Direct3D10 support) * RAM: 1gb on Linux/Windows XP, 2gb or more on Vista MY SYSTEM REQUIREMENTS WINDOWS XP SP3 PENTIUM DUAL CORE 2.6GHZ (E5300) 2GB RAM ZOTAC 8400GS 512MB DIRECT-X 9...
118 comments
Read more

$$$$$$$$10 reasons why PCs crash U must Know$$$$$$$

10 reasons why PCs crash U must Know Fatal error: the system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications." You have just been struck by the Blue Screen of Death. Anyone who uses Mcft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening? 1 Hardware conflict The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device. For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself. If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number...
Post a Comment
Read more