Difference between revisions of "Apache"
From Steak Wiki
Jump to navigationJump to search| (6 intermediate revisions by one other user not shown) | |||
| Line 6: | Line 6: | ||
Append this: | Append this: | ||
{{Cat|/etc/apache2/apache.conf| | {{Cat|/etc/apache2/apache.conf| | ||
| − | ErrorDocument 400 / | + | ErrorDocument 400 /error.html |
| − | ErrorDocument 401 / | + | ErrorDocument 401 /error.html |
| − | ErrorDocument 404 / | + | ErrorDocument 404 /error.html |
| − | ErrorDocument 403 / | + | ErrorDocument 403 /error.html |
| − | ErrorDocument 500 / | + | ErrorDocument 500 /error.html |
| − | ErrorDocument 502 / | + | ErrorDocument 502 /error.html |
| − | ErrorDocument 503 / | + | ErrorDocument 503 /error.html |
| − | ErrorDocument 504 / | + | ErrorDocument 504 /error.html |
}} | }} | ||
| − | {{Cat|/var/www/html/ | + | {{Cat|/var/www/html/error.html| |
}} | }} | ||
Just a blank file. | Just a blank file. | ||
| Line 40: | Line 40: | ||
cd /usr/share/GeoIP | cd /usr/share/GeoIP | ||
#wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | #wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | ||
| − | #gunzip GeoLiteCity.dat.gz | + | #gunzip GeoLiteCity.dat.gz - this didn't work. todo |
geoip.conf | geoip.conf | ||
| Line 63: | Line 63: | ||
Deny from all | Deny from all | ||
Allow from env=AllowCountry | Allow from env=AllowCountry | ||
| − | |||
</Directory> | </Directory> | ||
| Line 74: | Line 73: | ||
</pre> | </pre> | ||
This guide assumes you know how to restart apache. Make sure ipv6 isnt' enabled, or if you do enable it, you'll also need geoipv6.dat... | This guide assumes you know how to restart apache. Make sure ipv6 isnt' enabled, or if you do enable it, you'll also need geoipv6.dat... | ||
| + | |||
| + | php test script (note: remove html comment tags) | ||
| + | <pre> | ||
| + | <!--?php $country_name = apache_note("GEOIP_COUNTRY_NAME"); echo "Land: " . $country_name; ?--> | ||
| + | </pre> | ||
| + | |||
| + | multiple env variables at the same time (i.e. require both): | ||
| + | Allow from env=AllowedCountry1 & AllowCountry2 | ||
| + | |||
| + | |||
</small> | </small> | ||
Latest revision as of 07:15, 11 May 2023
Apache hardening: https://wiki.zoneminder.com/Ubuntu_Install_ZoneMinder_on_Ubuntu_Server
Eliminate Error Pages
Append this:
Contents of /etc/apache2/apache.conf
ErrorDocument 400 /error.html
ErrorDocument 401 /error.html
ErrorDocument 404 /error.html
ErrorDocument 403 /error.html
ErrorDocument 500 /error.html
ErrorDocument 502 /error.html
ErrorDocument 503 /error.html
ErrorDocument 504 /error.html
Contents of /var/www/html/error.html
Just a blank file.
Misc
enable / disable ssl (listen on port 443)
a2enmod ssl a2dismod ssl
enable / disable certain php vers
a2enmod php5.6 a2dismod php5.5
GeoBlocking
- https://wiki.pratznschutz.com/index.php/Apache2_Geo_IP
- https://podtech.com/apache/block-ips-by-country-apache/
- https://wiki.ubuntuusers.de/Archiv/Apache/mod_geoip2/
#apt-get install libapache2-mod-geoip #a2enmod geoip cd /usr/share/GeoIP #wget geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz #gunzip GeoLiteCity.dat.gz - this didn't work. todo
geoip.conf
<IfModule mod_geoip.c> GeoIPEnable On GeoIPDBFile /usr/share/GeoIP/GeoIP.dat </IfModule>
/etc/apache2/sites-available/webseite-geoip
<VirtualHost *>
ServerAdmin webmaster@example.com
ServerName www.example.com
ServerAlias www.example.com *.www.example.com
DocumentRoot /var/www/webseite/
<Directory /var/www/webseite/>
AllowOverride FileInfo Options
SetEnvIf GEOIP_COUNTRY_CODE AT AllowCountry
Deny from all
Allow from env=AllowCountry
</Directory>
###### Logs ####
ErrorLog /var/log/apache2/webseite.error.log
LogLevel warn
CustomLog /var/log/apache2/webseite.access.log combined
</VirtualHost>
This guide assumes you know how to restart apache. Make sure ipv6 isnt' enabled, or if you do enable it, you'll also need geoipv6.dat...
php test script (note: remove html comment tags)
<!--?php $country_name = apache_note("GEOIP_COUNTRY_NAME"); echo "Land: " . $country_name; ?-->
multiple env variables at the same time (i.e. require both):
Allow from env=AllowedCountry1 & AllowCountry2
