Difference between revisions of "Apache"

From Steak Wiki
Jump to navigationJump to search
 
(7 intermediate revisions by one other user not shown)
Line 6: Line 6:
 
Append this:
 
Append this:
 
{{Cat|/etc/apache2/apache.conf|
 
{{Cat|/etc/apache2/apache.conf|
ErrorDocument 400 /error555.html
+
ErrorDocument 400 /error.html
ErrorDocument 401 /error555.html
+
ErrorDocument 401 /error.html
ErrorDocument 404 /error555.html
+
ErrorDocument 404 /error.html
ErrorDocument 403 /error555.html
+
ErrorDocument 403 /error.html
ErrorDocument 500 /error555.html
+
ErrorDocument 500 /error.html
ErrorDocument 502 /error555.html
+
ErrorDocument 502 /error.html
ErrorDocument 503 /error555.html
+
ErrorDocument 503 /error.html
ErrorDocument 504 /error555.html
+
ErrorDocument 504 /error.html
 
}}  
 
}}  
  
  
{{Cat|/var/www/html/error555.html|
+
{{Cat|/var/www/html/error.html|
 
}}  
 
}}  
 
Just a blank file.
 
Just a blank file.
Line 40: Line 40:
 
  cd /usr/share/GeoIP
 
  cd /usr/share/GeoIP
 
  #wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
 
  #wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
  #gunzip GeoLiteCity.dat.gz
+
  #gunzip GeoLiteCity.dat.gz - this didn't work. todo
  
 
geoip.conf
 
geoip.conf
Line 63: Line 63:
 
         Deny from all
 
         Deny from all
 
         Allow from env=AllowCountry
 
         Allow from env=AllowCountry
        Allow from 192.168.
 
 
</Directory>
 
</Directory>
  
Line 73: Line 72:
 
</VirtualHost>
 
</VirtualHost>
 
  </pre>
 
  </pre>
This guide assumes you know how to restart apache.
+
This guide assumes you know how to restart apache. Make sure ipv6 isnt' enabled, or if you do enable it, you'll also need geoipv6.dat...
 +
 
 +
php test script (note: remove html comment tags)
 +
<pre>
 +
<!--?php $country_name = apache_note("GEOIP_COUNTRY_NAME"); echo "Land: " . $country_name; ?-->
 +
</pre>
 +
 
 +
multiple env variables at the same time (i.e. require both):
 +
    Allow from env=AllowedCountry1 & AllowCountry2
 +
 
 +
 
  
  
 
</small>
 
</small>

Latest revision as of 07:15, 11 May 2023

Apache hardening: https://wiki.zoneminder.com/Ubuntu_Install_ZoneMinder_on_Ubuntu_Server


Eliminate Error Pages

Append this:

Contents of /etc/apache2/apache.conf

ErrorDocument 400 /error.html ErrorDocument 401 /error.html ErrorDocument 404 /error.html ErrorDocument 403 /error.html ErrorDocument 500 /error.html ErrorDocument 502 /error.html ErrorDocument 503 /error.html ErrorDocument 504 /error.html


Contents of /var/www/html/error.html

Just a blank file.

Misc

enable / disable ssl (listen on port 443)

a2enmod ssl
a2dismod ssl


enable / disable certain php vers

a2enmod php5.6
a2dismod php5.5

GeoBlocking

#apt-get install libapache2-mod-geoip 
#a2enmod geoip 
cd /usr/share/GeoIP
#wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
#gunzip GeoLiteCity.dat.gz - this didn't work. todo

geoip.conf

<IfModule mod_geoip.c>
  GeoIPEnable On
  GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
</IfModule>

/etc/apache2/sites-available/webseite-geoip

<VirtualHost *>
        ServerAdmin webmaster@example.com
        ServerName www.example.com
        ServerAlias www.example.com *.www.example.com
        DocumentRoot /var/www/webseite/

<Directory /var/www/webseite/>
        AllowOverride FileInfo Options
        SetEnvIf GEOIP_COUNTRY_CODE AT AllowCountry
        Deny from all
        Allow from env=AllowCountry
</Directory>

###### Logs ####

        ErrorLog /var/log/apache2/webseite.error.log
        LogLevel warn
        CustomLog /var/log/apache2/webseite.access.log combined
</VirtualHost>
 

This guide assumes you know how to restart apache. Make sure ipv6 isnt' enabled, or if you do enable it, you'll also need geoipv6.dat...

php test script (note: remove html comment tags)

 <!--?php $country_name = apache_note("GEOIP_COUNTRY_NAME"); echo "Land: " . $country_name; ?-->

multiple env variables at the same time (i.e. require both):

   Allow from env=AllowedCountry1 & AllowCountry2