Things to be considered before configuring apache server.
1.Hiding Apache version and OS information:
Apache displays its version and the name of the operating system in errors. A hacker can use this information to launch an attack. so server administration must hide the server signature. This can be with following command
>Go to the above directory
>Off the default signature
service httpd restart
>restart the server to take effect the changes
2.Disable Directory Listing
If /var/www/ don’t have the index file then webserver shows the document root directory
This feature could be turn off for a specific directory through “options directive” available in the Apache configuration file.
3.Restricting Access to files outside the root directory
Configure the file like given below:
Deny from all
This will not allow user to access outside the web root directory
HOW TO INSERT RESTRICTION.
To view the current iptables configuration
How to block all connections from a specific IP Address.
iptables -A INPUT -s (ip address) -j DROP
e.g.: iptables -A INPUT -s 192.168.1.22 -j DROP
How to block all of the IP Addresses in the 192.168.1.1/24 network range.
Standard method: iptables -A INPUT -s 192.168.1.1/24 -j DROP
Netmask method: iptables -A INPUT -s 192.168.1.1/255.255.255.0 -j DROP
How to block SSH connections from any IP address.
iptables -A INPUT -p tcp --dport ssh -j DROP
How to block SSH connections from a specific IP Address.
iptables -A INPUT -p tcp --dport ssh -s 10.10.10.10 -j DROP
For tcp protocol use -p tcp
& for udp protocol use -p udp
The changes that you make to your iptables rules will be scrapped the next time that the iptables service gets restarted unless you execute a command to save the changes