secure apache webserver
I am exposing another machine as http mirror, and am trying to secure it.
Done with iptables.
configured portsentry to auto-block portscans.
How to block TRACE in apache?
I believe you do it with rewriting rule like such, but does not work.
<IfModule mod_rewrite.c>
#security changes
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
</IfModule>
How to restrict ALL product information?
I want to leak no webserver/os information, I've already configured:
ServerTokens ProductOnly
Anyone have a rule to restrict this via mod_rewrite or similar?
--
--Luke CS Sysadmin, Montana State University-Bozeman
Reply to: