Category: Apache

How To Create A Blank Root For Apache Virtual Host?

If you don’t want Apache to serve the first Virtual Host when you get a request for the server IP. (because that is what is supposed to happen). If someone or somebot is attempting to see what is at the ip address, you can serve a blank page instead as follows: vi /etc/apache2/sites-available/000-default.conf Insert this VirtualHost at the top of...

Setup LAMP Server Debian 9 Apache 2.4 MarianDB Php 7

Prerequisite is a fresh remote server with Debian 9 Stretch installed and booted From remote terminal Block all traffic iptable -F iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP Create a User sudo useradd -d /home/username -m username Set the User’s Password sudo passwd username Add the User to the Admin Group sudo adduser username adm...

How to Force HTTPS using Apache

Edit .htaccess <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule>

Debian 9 Stretch Apache 2.4 MariaDB 10.1.26 PHP 7.0

Installation notes for Debian 9 Apache 2.4 MariaDB 10.1.26 PHP 7.0 differ somewhat from prior LAMP installations. Also included here are notes on PSAD and Fail2ban. PSAD requires netstat which is no longer included in Debian 9 apt-get install net-tools apt-get install apache2 apt-get install software-properties-common apt-get install mariadb-server sudo /usr/bin/mysql_secure_installation sudo mysql -v

How To Set Up Password Authentication in Apache2

sudo apt-get install apache2-utils ( FIRST USER only ( -c ) option to create file, or you will wipe all your existing logins !!! ) sudo htpasswd -c /etc/apache2/.htpasswd username1only sudo htpasswd /etc/apache2/.htpasswd username2etc Conventional setup sudo vi /etc/apache2/sites-enabled/000-default.conf ( In which case you must specify the Directory to be protected ) <Directory “/var/www/www.example.com/administrator”> AuthType Basic AuthName “Restricted Content” AuthUserFile...

Apache2 Custom 404 Page

Create a html page sudo vi /var/www/missing.html whateveryouwanttosay sudo chown www-data:www-data /var/www/missing.html sudo vi /etc/apache2/conf.d/localized-error-pages Uncomment #ErrorDocument 404 /missing.html sudo service apache2 restart

Harden Apache 2.2

sudo vi /etc/apache2/conf.d/security ServerTokens Prod ServerSignature Off sudo vi /etc/apache2/sites-available/default Directory /var/www/html> Options -Indexes /Directory> https://www.linuxquestions.org/questions/blog/rearden888-507430/howto-set-up-modsecurity-on-debian-7-35569/

Disable RC4 and SSL3

sudo vi /etc/apache2/mods-available/ssl.conf SSLHonorCipherOrder on SSLCipherSuite “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS” SSLProtocol All -SSLv2 -SSLv3 SSLCompression Off

Force WordPress SSL HTTPS on Only One Page

RewriteEngine On Options -Indexes Options +FollowSymLinks RewriteBase / # force https for all URLs matching “subscribe.* # otherwise normal http request are unmolested # other methods that force ssl cause 301 redirects on # all pages RewriteCond %{HTTPS} =off RewriteRule ^subscribe https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d ## standard rule but causes redirect loops #RewriteRule . /index.php [L]...

WordPress Draft Crawl by Baiduspider

An interesting log in Apache hosts log (below) surprised me. I saw this URL crawl attempt by what is supposed to be Baidu – I checked – it was. What is so surprising is that the URL is a sentence of a DRAFT I was working on at the moment (screenshot below – notice the draft status bottom right). This...

unable to resolve host – not found or unable to stat

Debian 7 Apache 2.2.22 Virtualhost with only one website using ssl – ssl certificate is for www.example.com (not example.com) The following setup resolves the “unable to resolve host” error /etc/hosts 127.0.0.1 localhost {server ip address} www.example.com www /etc/hostname www.example.com However, if you have a new apache error [error] [client 127.0.0.1] script ‘/var/www/wp-cron.php’ not found or unable to stat Change hosts...

script /var/www/wp-cron.php not found or unable to stat

[error] [client 127.0.0.1] script /var/www/wp-cron.php not found or unable to stat http://serverfault.com/questions/185954/hosts-file-entries-for-multiple-domains-on-vps 127.0.0.1 localhost localhost.localdomainxxx.xxx.xxx.xxx yourdomain1.com yourdomain1 yourdomain2.com yourdomain2 And those lines must have a few blank lines above the in the hosts file, or they will get overwritten each reboot.

htaccess force SSL for WordPress

This works for me on Apache 2.2 with VirturalHosts. Plus other useful stuff here. <IfModule mod_rewrite.c> RewriteEngine On Options -Indexes Options +FollowSymLinks RewriteBase / # Force HTTPS RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}/$1 [L] # Deny access by your most hated visitors and bad bots RewriteCond %{HTTP_USER_AGENT} mechanize [NC,OR] # Protect against SQL INJECTION RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [OR] RewriteCond %{QUERY_STRING}...

How To Solve Swappiness (Apache) Problem

Swappiness is a Linux kernel parameter that controls the relative weight given to swapping out runtime memory, as opposed to dropping pages from the system page cache. Swappiness can be set to values between 0 and 100 inclusive. A low value causes the kernel to avoid swapping, a higher value causes the kernel to try to use swap space. The...

Setup a LAMP Server on Debian or Ubuntu

This setup is for Virtual Host server – not a dedicated server with a single domain SSH to your server ssh root@IP Update Debian/Ubuntu apt-get update && apt-get upgrade –show-upgraded -y Create User How To Create a User in Linux Setup SSH for Remote Access With GPG Keys – No Password How To Setup SSH for Remote Access IMPORANT –...