LAMP Tips! » Apache http://lamptips.com Tips for Linux, Apache (and Nginx!), MySQL and PHP! Sat, 03 Mar 2012 07:53:25 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 Apache/Security – Hide Apache Version Number http://lamptips.com/2012/01/apachesecurity-hide-apache-version-number/ http://lamptips.com/2012/01/apachesecurity-hide-apache-version-number/#comments Mon, 30 Jan 2012 04:38:16 +0000 LampTips http://lamptips.com/?p=16 Sometimes, you may like a bit of security-through-obscurity. Some PCI providers even require this.  You can disable the display of the Apache version by adding the following to your httpd.conf (Generally in /etc/httpd/conf): ServerSignature Off ServerTokens Prod]]>

Sometimes, you may like a bit of security-through-obscurity. Some PCI providers even require this.
 You can disable the display of the Apache version by adding the following to your httpd.conf (Generally in /etc/httpd/conf):

ServerSignature Off
ServerTokens Prod
]]> http://lamptips.com/2012/01/apachesecurity-hide-apache-version-number/feed/ 0 Apache/PCI – Disable Weak Cipher and older TLS Support http://lamptips.com/2012/01/apachepci-disable-weak-cipher-and-older-tls-support/ http://lamptips.com/2012/01/apachepci-disable-weak-cipher-and-older-tls-support/#comments Sun, 29 Jan 2012 11:13:25 +0000 LampTips http://lamptips.com/?p=10 PCI compliance tests require you to disable weak ciphers and older TLS support.  You can do that by adding the following to your httpd.conf (Generally under /etc/httpd/conf/): SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT56:+HIGH:+MEDIUM:-SSLv2:-RC4:+EXP]]>

PCI compliance tests require you to disable weak ciphers and older TLS support.
 You can do that by adding the following to your httpd.conf (Generally under /etc/httpd/conf/):

SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT56:+HIGH:+MEDIUM:-SSLv2:-RC4:+EXP
]]> http://lamptips.com/2012/01/apachepci-disable-weak-cipher-and-older-tls-support/feed/ 0 Apache/PCI – Disable TRACE Method http://lamptips.com/2012/01/apachepci-disable-trace-method/ http://lamptips.com/2012/01/apachepci-disable-trace-method/#comments Sun, 29 Jan 2012 11:08:31 +0000 LampTips http://lamptips.com/?p=7 Some PCI tests require that you disable the Apache TRACE method as this can reveal sensitive information about the server.  Doing so is very simple! Add the following to your httpd.conf file (Generally in /etc/httpd/conf/): TraceEnable off]]>

Some PCI tests require that you disable the Apache TRACE method as this can reveal sensitive information about the server.
 Doing so is very simple! Add the following to your httpd.conf file (Generally in /etc/httpd/conf/):

TraceEnable off
]]> http://lamptips.com/2012/01/apachepci-disable-trace-method/feed/ 0