From Steak Wiki
Jump to navigationJump to search

Apache hardening: https://wiki.zoneminder.com/Ubuntu_Install_ZoneMinder_on_Ubuntu_Server

Eliminate Error Pages

Append this:

Contents of /etc/apache2/apache.conf

ErrorDocument 400 /error.html ErrorDocument 401 /error.html ErrorDocument 404 /error.html ErrorDocument 403 /error.html ErrorDocument 500 /error.html ErrorDocument 502 /error.html ErrorDocument 503 /error.html ErrorDocument 504 /error.html

Contents of /var/www/html/error.html

Just a blank file.


enable / disable ssl (listen on port 443)

a2enmod ssl
a2dismod ssl

enable / disable certain php vers

a2enmod php5.6
a2dismod php5.5


#apt-get install libapache2-mod-geoip 
#a2enmod geoip 
cd /usr/share/GeoIP
#wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
#gunzip GeoLiteCity.dat.gz - this didn't work. todo


<IfModule mod_geoip.c>
  GeoIPEnable On
  GeoIPDBFile /usr/share/GeoIP/GeoIP.dat


<VirtualHost *>
        ServerAdmin webmaster@example.com
        ServerName www.example.com
        ServerAlias www.example.com *.www.example.com
        DocumentRoot /var/www/webseite/

<Directory /var/www/webseite/>
        AllowOverride FileInfo Options
        SetEnvIf GEOIP_COUNTRY_CODE AT AllowCountry
        Deny from all
        Allow from env=AllowCountry

###### Logs ####

        ErrorLog /var/log/apache2/webseite.error.log
        LogLevel warn
        CustomLog /var/log/apache2/webseite.access.log combined

This guide assumes you know how to restart apache. Make sure ipv6 isnt' enabled, or if you do enable it, you'll also need geoipv6.dat...

php test script (note: remove html comment tags)

 <!--?php $country_name = apache_note("GEOIP_COUNTRY_NAME"); echo "Land: " . $country_name; ?-->

multiple env variables at the same time (i.e. require both):

   Allow from env=AllowedCountry1 & AllowCountry2