Category: Apache

How to Force HTTPS using Apache

Edit .htaccess <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule>

Debian 9 Stretch Apache 2.4 MariaDB 10.1.26 PHP 7.0

Installation notes for Debian 9 Apache 2.4 MariaDB 10.1.26 PHP 7.0 differ somewhat from prior LAMP installations. Also included here are notes on PSAD and Fail2ban. PSAD requires netstat which is no longer included in Debian 9 apt-get install net-tools apt-get install apache2 apt-get install software-properties-common apt-get install mariadb-server sudo /usr/bin/mysql_secure_installation sudo mysql -v

How To Set Up Password Authentication in Apache2

sudo apt-get install apache2-utils ( FIRST USER only ( -c ) option to create file, or you will wipe all your existing logins !!! ) sudo htpasswd -c /etc/apache2/.htpasswd username1only sudo htpasswd /etc/apache2/.htpasswd username2etc Conventional setup sudo vi /etc/apache2/sites-enabled/000-default.conf ( In which case you must specify the Directory to be protected ) <Directory “/var/www/www.example.com/administrator”> AuthType Basic AuthName “Restricted Content” AuthUserFile...

Apache2 Custom 404 Page

Create a html page sudo vi /var/www/missing.html whateveryouwanttosay sudo chown www-data:www-data /var/www/missing.html sudo vi /etc/apache2/conf.d/localized-error-pages Uncomment #ErrorDocument 404 /missing.html sudo service apache2 restart

Harden Apache 2.2

sudo vi /etc/apache2/conf.d/security ServerTokens Prod ServerSignature Off sudo vi /etc/apache2/sites-available/default Directory /var/www/html> Options -Indexes /Directory> https://www.linuxquestions.org/questions/blog/rearden888-507430/howto-set-up-modsecurity-on-debian-7-35569/

Disable RC4 and SSL3

sudo vi /etc/apache2/mods-available/ssl.conf SSLHonorCipherOrder on SSLCipherSuite “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS” SSLProtocol All -SSLv2 -SSLv3 SSLCompression Off

Force WordPress SSL HTTPS on Only One Page

RewriteEngine On Options -Indexes Options +FollowSymLinks RewriteBase / # force https for all URLs matching “subscribe.* # otherwise normal http request are unmolested # other methods that force ssl cause 301 redirects on # all pages RewriteCond %{HTTPS} =off RewriteRule ^subscribe https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d ## standard rule but causes redirect loops #RewriteRule . /index.php [L]...

WordPress Draft Crawl by Baiduspider

An interesting log in Apache hosts log (below) surprised me. I saw this URL crawl attempt by what is supposed to be Baidu – I checked – it was. What is so surprising is that the URL is a sentence of a DRAFT I was working on at the moment (screenshot below – notice the draft status bottom right). This...

unable to resolve host – not found or unable to stat

Debian 7 Apache 2.2.22 Virtualhost with only one website using ssl – ssl certificate is for www.example.com (not example.com) The following setup resolves the “unable to resolve host” error /etc/hosts 127.0.0.1 localhost {server ip address} www.example.com www /etc/hostname www.example.com However, if you have a new apache error [error] [client 127.0.0.1] script ‘/var/www/wp-cron.php’ not found or unable to stat Change hosts...

script /var/www/wp-cron.php not found or unable to stat

[error] [client 127.0.0.1] script /var/www/wp-cron.php not found or unable to stat http://serverfault.com/questions/185954/hosts-file-entries-for-multiple-domains-on-vps 127.0.0.1 localhost localhost.localdomain xxx.xxx.xxx.xxx yourdomain1.com yourdomain1 yourdomain2.com yourdomain2 And those lines must have a few blank lines above the in the hosts file, or they will get overwritten each reboot.

htaccess force SSL for WordPress

This works for me on Apache 2.2 with VirturalHosts. Plus other useful stuff here. <IfModule mod_rewrite.c> RewriteEngine On Options -Indexes Options +FollowSymLinks RewriteBase / # Force HTTPS RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}/$1 [L] # Deny access by your most hated visitors and bad bots RewriteCond %{HTTP_USER_AGENT} mechanize [NC,OR] # Protect against SQL INJECTION RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [OR] RewriteCond %{QUERY_STRING}...

How To Solve Swappiness (Apache) Problem

Swappiness is a Linux kernel parameter that controls the relative weight given to swapping out runtime memory, as opposed to dropping pages from the system page cache. Swappiness can be set to values between 0 and 100 inclusive. A low value causes the kernel to avoid swapping, a higher value causes the kernel to try to use swap space. The...

Setup a LAMP Server on Debian or Ubuntu

This setup is for Virtual Host server – not a dedicated server with a single domain SSH to your server ssh root@IP Update Debian/Ubuntu apt-get update && apt-get upgrade –show-upgraded -y Create User How To Create a User in Linux Setup SSH for Remote Access With GPG Keys – No Password How To Setup SSH for Remote Access IMPORANT –...

Install Apache on Debian and Ubuntu

Install Apache sudo apt-get install apache2 sudo vi /etc/apache2/sites-available/default change AllowOverride None > AllowOverride All in line 11 Enable Apache rewrite and restart Achtung! Don’t forget or things will not work and you’ll waste hours trying to find out why sudo a2enmod rewrite Restart Apache sudo service apache2 restart If no error, its working Optional: The following “example” is used...

Apache2 Invalid method in request \x16\x03\x01

Apache2 reports an error “Invalid method in request \x16\x03\x01” Check that the IP address is correct in line #8 of /etc/apache2/sites-available/www.example.com <VirtualHost *:80> ServerAdmin webmaster@seleads.com ServerName www.example.com ServerAlias example.com Redirect 301 http://example.com http://www.example.com/ DocumentRoot /var/www/www.example.com/ </VirtualHost> <VirtualHost 199.199.199.199:443> SSLEngine on ServerName example.com SSLCACertificateFile /etc/apache2/ssl/PrimaryRootCA.crt SSLCertificateChainFile /etc/apache2/ssl/Thawte_DV_SSL_CA_Bundle.crt SSLCertificateFile /etc/apache2/ssl/example.crt SSLCertificateKeyFile /etc/apache2/ssl/private/example.key DocumentRoot /var/www/www.example.com/ </VirtualHost>