Difference between revisions of "Apache"
From Steak Wiki
Jump to navigationJump to search(One intermediate revision by one other user not shown) | |||
Line 6: | Line 6: | ||
Append this: | Append this: | ||
{{Cat|/etc/apache2/apache.conf| | {{Cat|/etc/apache2/apache.conf| | ||
− | ErrorDocument 400 / | + | ErrorDocument 400 /error.html |
− | ErrorDocument 401 / | + | ErrorDocument 401 /error.html |
− | ErrorDocument 404 / | + | ErrorDocument 404 /error.html |
− | ErrorDocument 403 / | + | ErrorDocument 403 /error.html |
− | ErrorDocument 500 / | + | ErrorDocument 500 /error.html |
− | ErrorDocument 502 / | + | ErrorDocument 502 /error.html |
− | ErrorDocument 503 / | + | ErrorDocument 503 /error.html |
− | ErrorDocument 504 / | + | ErrorDocument 504 /error.html |
}} | }} | ||
− | {{Cat|/var/www/html/ | + | {{Cat|/var/www/html/error.html| |
}} | }} | ||
Just a blank file. | Just a blank file. | ||
Line 63: | Line 63: | ||
Deny from all | Deny from all | ||
Allow from env=AllowCountry | Allow from env=AllowCountry | ||
− | |||
</Directory> | </Directory> | ||
Latest revision as of 07:15, 11 May 2023
Apache hardening: https://wiki.zoneminder.com/Ubuntu_Install_ZoneMinder_on_Ubuntu_Server
Eliminate Error Pages
Append this:
Contents of /etc/apache2/apache.conf
ErrorDocument 400 /error.html
ErrorDocument 401 /error.html
ErrorDocument 404 /error.html
ErrorDocument 403 /error.html
ErrorDocument 500 /error.html
ErrorDocument 502 /error.html
ErrorDocument 503 /error.html
ErrorDocument 504 /error.html
Contents of /var/www/html/error.html
Just a blank file.
Misc
enable / disable ssl (listen on port 443)
a2enmod ssl a2dismod ssl
enable / disable certain php vers
a2enmod php5.6 a2dismod php5.5
GeoBlocking
- https://wiki.pratznschutz.com/index.php/Apache2_Geo_IP
- https://podtech.com/apache/block-ips-by-country-apache/
- https://wiki.ubuntuusers.de/Archiv/Apache/mod_geoip2/
#apt-get install libapache2-mod-geoip #a2enmod geoip cd /usr/share/GeoIP #wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz #gunzip GeoLiteCity.dat.gz - this didn't work. todo
geoip.conf
<IfModule mod_geoip.c> GeoIPEnable On GeoIPDBFile /usr/share/GeoIP/GeoIP.dat </IfModule>
/etc/apache2/sites-available/webseite-geoip
<VirtualHost *> ServerAdmin webmaster@example.com ServerName www.example.com ServerAlias www.example.com *.www.example.com DocumentRoot /var/www/webseite/ <Directory /var/www/webseite/> AllowOverride FileInfo Options SetEnvIf GEOIP_COUNTRY_CODE AT AllowCountry Deny from all Allow from env=AllowCountry </Directory> ###### Logs #### ErrorLog /var/log/apache2/webseite.error.log LogLevel warn CustomLog /var/log/apache2/webseite.access.log combined </VirtualHost>
This guide assumes you know how to restart apache. Make sure ipv6 isnt' enabled, or if you do enable it, you'll also need geoipv6.dat...
php test script (note: remove html comment tags)
<!--?php $country_name = apache_note("GEOIP_COUNTRY_NAME"); echo "Land: " . $country_name; ?-->
multiple env variables at the same time (i.e. require both):
Allow from env=AllowedCountry1 & AllowCountry2