Install and Configure

On Ubuntu, installing is very straightforward:

...

Apache 2.x is now installed.

Test

First verify that the Apache web server is running by browsing to your server's IP address. If you do not know your IP address, type at the console:

...

You should see a webpage show up saying "It works!".

Stopping, Starting, Restarting and Reload

You should know the basic commands for running Apache 2. Go ahead and try them. Note: ignore the warning message about the "fully qualified domain name", as that is covered in the next section.

...

```bash
sudo /etc/init.d/apache2 stop
sudo /etc/init.d/apache2 start
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/apache2 reload
```

Provide Server Name

Apache is working fine, but during restart you will get the warning message, "apache2: Could not reliably determine the server's fully qualified domain name, using ...".

...

```bash
# The redirect must run as root, so append with "sudo tee -a" rather than "sudo echo ... >>".
echo "ServerName $(hostname)" | sudo tee -a /etc/apache2/httpd.conf
```

Apache Basic Server Hardening

Here are some of the basic hardening steps I take today.

Note

As with any security notes, I will write a disclaimer that there are more advanced ways to secure Apache. You can go as far as compiling your own custom version but that's out of scope for now.

Edit /etc/apache2/conf.d/security

Set ServerTokens Prod - This turns off the extra header information sent by Apache. Primarily, that information lets a client know what version of Apache is being used, which could be used to look up vulnerabilities in the particular version of Apache you are running.

Set ServerSignature Off - Removes the footer information from Apache's default pages, for example the "page not found" page.
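
A quick way to confirm both settings after editing the file, as an added example that is not part of the original page: the script reads one config file and reports whether it sets `ServerTokens Prod` and `ServerSignature Off`. The function names and the sample files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): check one Apache config file
# for the two banner directives discussed above.

# Print the value of the last uncommented occurrence of directive $1 in file $2.
# Directive names are case-insensitive; a later line overrides an earlier one.
effective_directive() {
    awk -v name="$1" '
        $1 ~ /^#/ { next }
        tolower($1) == tolower(name) { val = $2 }
        END { print val }
    ' "$2"
}

# Return 0 only if the file pins ServerTokens to Prod and ServerSignature to Off.
# A directive missing from this file is reported, since another file or the
# compiled-in default would then decide the value.
audit_banner() {
    local file="$1" rc=0 tokens sig
    tokens=$(effective_directive ServerTokens "$file")
    sig=$(effective_directive ServerSignature "$file")
    case "$(printf '%s' "$tokens" | tr 'A-Z' 'a-z')" in
        prod|productonly) echo "OK   ServerTokens $tokens" ;;   # ProductOnly is the long form
        *) echo "WEAK ServerTokens ${tokens:-(not set in this file)}"; rc=1 ;;
    esac
    case "$(printf '%s' "$sig" | tr 'A-Z' 'a-z')" in
        off) echo "OK   ServerSignature $sig" ;;
        *) echo "WEAK ServerSignature ${sig:-(not set in this file)}"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample input: a "before" file and a hardened "after" file.
demo() {
    local d; d=$(mktemp -d)
    printf '%s\n' '#ServerTokens Prod' 'ServerTokens OS' 'ServerSignature On' > "$d/before"
    printf '%s\n' 'ServerTokens OS' 'ServerTokens Prod' '  ServerSignature Off' > "$d/after"
    audit_banner "$d/before" && echo "before: pass" || echo "before: fail"
    audit_banner "$d/after"  && echo "after: pass"  || echo "after: fail"
    rm -rf "$d"
}
demo
```

On the server, call `audit_banner /etc/apache2/conf.d/security` to check the real file.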

Optional Optimization

I found that you can save about 3MB of memory (according to htop) if the Apache status module is disabled,

...

That is it for now. I might flesh this section out a bit more later. Surprisingly, the default Apache configuration is so robust that I rarely need optimization. Instead, we focus optimization efforts on application servers, which usually give us the biggest improvements.

References

http://cloudservers.mosso.com/index.php/Ubuntu_-_Apache_configuration#Security_Settings - Rackspace wiki on hardening Apache Web Server.