Apache security

This topic will show you how to quickly and easily protect your apache server.

disable dangerous functions:

Quote:disable_functions = "ini_restore,copy,file_put_contents,ln,readlink,tmpfile,php_ini_scanned_files,posix_isatty,getrlimit,posix,posix_strerror,posix_getgroups,posix_getlogin,set_time_limit,getmypid,chown,getmygid,error_log,posix_get_last_error,session_save_path,ini_get_all,phpinfo,php_uname,closelog,crack_opendict,highlight_file,cat,crack_check,crack_getlastmessage,crack_closedict,ftp_exec,tempnam,chgrp,popen,pclose,posix_getpwuid,proc_get_status,proc_close,proc_open,proc_nice,posix_getgrgid,posix_kill,parse_perms,system,dl,passthru,exec,getcwd,shell_exec,get_loaded_extensions,popen,stream_select,rename,proc_close,proc_get_status,proc_nice,proc_open,escapeshellcmd,escapeshellarg,show_source,posix_mkfifo,mysql_list_dbs,get_current_user,getmyuid,pconnect,link,symlink,pcntl_exec,ini_alter,pfsockopen,leak,apache_child_terminate,posix_kill,posix_setpgid,posix_setuid,proc_terminate,syslog,fpassthru,stream_select,socket_select,socket_create,socket_create_listen,socket_create_pair,socket_listen,socket_accept,socket_bind,socket_strerror,pcntl_fork,pcntl_signal,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,openlog,apache_get_modules,apache_get_version,disk_total_space,diskfreespace,apache_getenv,apache_note,apache_setenv,virtual,chmod,file_upload,delete,deleted,edit,cmd,rename,unlink,mkdir,mv,touch,cp,cd,pico,dir,"

Enable open_basedir:

Find ;open_basedir = or open_basedir = and change your time with directory on your site

Example:
open_basedir = "/var/www/html/"

mod_security is also a good chance to block stuff that looks malicious.

08-11-2016, 05:31 AM

Ekon Wrote: Hi there Ekon,

Apple has released iOS 10.1.1 (14B100).
This was released for the following 36 devices:
iPad 4 (GSM)
iPad 4 (Global)
iPad 4 (WiFi)
iPad Air (Cellular)
iPad Air (China)
iPad Air (WiFi)
iPad Air 2 (Cellular)
iPad Air 2 (WiFi)
iPad Mini 2 (Cellular)
iPad Mini 2 (China)
iPad Mini 2 (WiFi)
iPad Mini 3 (Cellular)
iPad Mini 3 (China)
iPad Mini 3 (WiFi)
iPad Mini 4 (Cellular)
iPad Mini 4 (WiFi)
iPad Pro 12.9-inch (Cellular)
iPad Pro 12.9-inch (WiFi)
iPad Pro 9.7-inch (Cellular)
iPad Pro 9.7-inch (WiFi)
iPhone 5 (GSM)
iPhone 5 (Global)
iPhone 5c (GSM)
iPhone 5c (Global)
iPhone 5s (GSM)
iPhone 5s (Global)
iPhone 6
iPhone 6+
iPhone 6s
iPhone 6s+
iPhone 7 (GSM)
iPhone 7 (Global)
iPhone 7 Plus (GSM)
iPhone 7 Plus (Global)
iPhone SE
iPod touch 6

wtf is this

---

02-03-2016, 10:37 PM

0-Day Wrote: This topic will show you how to quickly and easily protect your apache server.

disable dangerous functions:


Enable open_basedir:

Find ;open_basedir = or open_basedir = and change your time with directory on your site

Example:
open_basedir = "/var/www/html/"

you broke the site. lolhttps://gyazo.com/f47787d19e5ea18de46eb2b4da3be44d

mod_security + Fail2Ban + mod_evasive works almost for all web security

Yep fail2ban is required if you are installing a server

How i do this for my web site

fail2ban is amazing. so is mod security. although im not a huge fan of apache

I would like to clarify, this is for different versions of Apache?

Hosting iin gvenlik de olsa gzel olurmu. Neyse servere sahip arkadalar iin yararl.

It will be very useful to make .conf settings for both apache and nginx