Skip to main content

Server Security - Apache Web Server Hardening

Whenever any request is made from client to server then it sends some headers from server to client or vice versa. So when we receive server response we get some headers that give some extra information about the server.

This information or headers sometimes becomes vulnerable for hackers to break your server and get into it. In order to stop unauthorized access we secure our server.

So in this article “Server Security – Apache Web Server Hardening” I will secure the apache server by removing the server details from response headers. This comes under the Banner Grabbing Attack.

In the Banner Grabbing method, Hacker tries to identify the target system OS or server name and version to penetrate into the system.

To understand this look at the image below.

Server Vulnerability
Server Details

If you will look at the image you will find out, In server response headers we are actually getting the lots of details.

We are getting the following items:

1. Server Name and Version (Apache & 2.4.43)
2. OS Name (Win64)
3. Web Language Name and Version (PHP & 7.3.17 )

The above information is big enough to carry out attacks on your server.

Prevention:

So in order to prevent this attack the best way is to remove this sensitive information from response headers. To do this you have to make changes in httpd.conf file. This file basically the configuration file of your server.

You may find httpd.conf file on following location

Ubuntu – /etc/apache2
Cent OS – /etc/httpd/conf
Windows – wamp/apache2/conf/

Steps:

  1. Open httpd.conf file
  2. Then search for “ServerTokens” and set its value to Prod. If it does not exist then add it at the end of the file.
  3. Save the file.
  4. Restart the server.
Final Result

Note: In an earlier Apache version before 2.0.44, you have to set the “ServerSignature” value to On in order to achieve the same.

Version < 2.0.44

ServerSignature Off
ServerTokens Prod

Version > 2.0.44

ServerTokens Prod

Server Tokens Directive

Server Token has 5 Possible values

ServerTokens Prod[uctOnly]

Server sends (e.g.): Server: Apache

ServerTokens Major

Server sends (e.g.): Server: Apache/2

ServerTokens Minor

Server sends (e.g.): Server: Apache/2.0

ServerTokens Min[imal]

Server sends (e.g.): Server: Apache/2.0.41

ServerTokens OS

Server sends (e.g.): Server: Apache/2.0.41 (Unix)

ServerTokens Full (or not specified)

Server sends (e.g.): Server: Apache/2.0.41 (Unix) PHP/4.2.2 MyMod/1.2

Server Signature Directive

The ServerSignature appears on the bottom of pages generated by apache such as 404 pages, directory listings, etc.

Now after version, 2.0.44 ServerToken directive can control both

Suggested Read: Play Playstation 3 Games on PC

Labels:

Comments

Post a Comment

Popular posts from this blog

3D ANALYZER SETTINGS

Settings for Prince of Persia Sands of Time Works with this game, u can try wid others also which are not in above list Performance section: -force zBuffer Hardware limits: -emulate HW TnL caps -emulate Pixel shader caps ANTI-DETECT MODE section: -shaders Z-buffer section: -24 bit zbuffer(with stencil) DirectX DeviceID’s section: NVIDIA GeForce Ti4600 Configuration: VendorID : 4318 Device ID :592 Works well in the following or higher configuration -Intel 865GSA motherboard, -512 MB RAM, -Pentium D dual core 2.66 GHz processor, -No graphics card required…….. have fun.
184 comments
Read more

SMACKDOWN HERE COMES THE PAIN PCSX2 SETTINGS

Smack Down Here Comes The Pain Configuration: GRAPHICS-GSDX 1600(MSVC 15.00 SSSE3)0.1.15 CONTROLLERS-LILLY PAD 0.10.0 CDVDROM-EPP POLLING CDVD DRIVER 0.4.0 USB-USB NULL DRIVER 0.6.0 SOUND-SPU2-X1.1.0 SECOND CONTROLLER-LILLY PAD 0.10.0 DEV9-DEV9NULL DRIVER-0.4.0 FIRE WIRE-FWNULL DRIVER 0.5.0 BIOS-EUROPE V01.60(04/10/2001)CONSOLE SYSTEM REQUIREMENTS FOR PCSX2- MINIMUM - * Windows/Linux OS * CPU: Any that supports SSE2 (Pentium 4 and up, Athlon64 and up) * GPU: Any that supports Pixel Shader model 2.0, except Nvidia FX series (broken SM2.0, too slow anyway) * 512mb RAM (note Vista needs at least 2gb to run reliably) RECOMMENDED - * Windows Vista 32bit/64bit with the latest DirectX * CPU: Intel Core 2 Duo @ 3.2ghz or better * GPU: 8600gt or better (for Direct3D10 support) * RAM: 1gb on Linux/Windows XP, 2gb or more on Vista MY SYSTEM REQUIREMENTS WINDOWS XP SP3 PENTIUM DUAL CORE 2.6GHZ (E5300) 2GB RAM ZOTAC 8400GS 512MB DIRECT-X 9...
118 comments
Read more

Choosing the Best CPU for Your Gaming Computer

Picking the latest, fastest or most expensive processor on the market won’t always result in the right CPU for your particular system. Some processors are designed to work with certain motherboards, so the CPU you choose will limit the type of motherboard you can get. The CPU (Central Processing Unit) is one of the most important components in any computer system. The CPU could be described as the brains of a computer. It contains the logic circuitry that performs the instructions of the software you run. The performance of your games and other applications will be directly related to this tiny little microprocessor. The Major Players: Intel and AMD Two companies dominate the CPU market, Intel and AMD (Advanced Micro Devices). Both companies make a range of different processor models.  For example, Intel have the Core i7 and Core i5 processor models, while AMD have the Athlon and Phenom series.  The Best CPU for Gaming If you’re a basic computer user and y...
14 comments
Read more