...
Most websites have a domain name attached to them. Apache is looking for this on startup. There actually is not much documentation on exactly what is happening here. If you happen to know then email meplease let me know via comments on this page. Based on my reading here is how to resolve itthe error.
First use the hostname command to determine the name of your system,
| Code Block | ||
|---|---|---|
| ||
hostname # Determine name of your system. In this example this server will return tinman
tinman |
Next add load the result to the empty /etc/apache/httpd.conf .into an editor of your choice,
| Code Block | ||
|---|---|---|
| ||
sudo vi /etc/apache2/httpd.conf |
...
| Code Block | ||
|---|---|---|
| ||
ServerName tinman |
Apache Server Hardening
Here are some of the basic hardening steps I take today.
| Note |
|---|
As with any security notes, I will write a disclaimer that there are more advanced ways to secure Apache. You can go as far as compiling your own custom version but that's out of scope for now. |
Edit /etc/apache2/conf.d/security
set ServerTokens Prod - This turns off all the extra header information sent by Apache. Primarily, it would let a client know what version of Apache is being used. The information could be used to look up vulnerabilities on the particular version of Apache you are running.
set ServerSignatures Off - Removes footer information from default apache pages. For example, page not found.