Kaspersky Lab
Best way to protect your Apache Web Server in your DMZ network :-
Apache is one of the most used Web-server to host your web files or your website on the web. Website security is always critical for any organization. However there is nothing 100 % secure in the digital world, but with hardening we are making our web-server less prone for hacking .
Today i am going to show you Best way to protect your Apache Web Server in your DMZ network with Firewalls .
Before you apply these changes in your web server, you should have some basics of the Apache server.
- Document root Directory: /var/www/html or /var/www Main Configuration file: /etc/httpd/conf/httpd.conf (RHEL/CentOS/Fedora) and/etc/apache/apache2.conf(Debian/Ubuntu). Default HTTP Port: 80 TCP Default HTTPS Port: 443 TCP Test your Configuration file settings and syntax: httpd -t Access Log files of Web Server: /var/log/httpd/access_log Error Log files of Web Server: /var/log/httpd/error_log
1. Hide Apache Version and OS Identity from Errors :-
One of the first steps an attacker takes before attacking a website is to analyze the web server response in order to gather as much information as possible about it. This is known as “fingerprinting“.
Some headers in the HTTP response from the web server contain information that can be used by an attacker to identify the web server. The attacker can then launch an attack that exploits weaknesses in that particular web server.
Hide Apache Web-server information with Checkpoint GAIA :-
Checkpoint IPS module comes with a Web-server fingerpriting protection, To enable it navigate to IPS Software blade > Protections > By protocol > IPS software blade > Web Intelligence > Information gathering.
then double-click on it and select your protection profile , In Override IPS policy, choose prevent.
Click on the Customize option, if you want to apply for particular webserver
Hide Apache Web-server information with Cisco ASA :-
In Cisco ASA, you can easily spoof your web-server information by creating a one MPF policy for your DMZ zone.
rumyasa(config)# access-list HTTP permit tcp any any eq www
class-map HTTP match access-l HTTP
policy-map type inspect HTTP_SPOOF
parameters spoof-server “IIS (Windows) policy-map HTTP class HTTP inspect http HTTP_SPOOF
service-policy HTTP interface outside
With above MPF policy, Hackers will receive your webrserver information as a IIS instead of Apache.
Hide Apache Web-server information with Symantec Endpoint Protection Manager (SEPM ) :-
If you are protecting your web-server with SEPM, navigate to Policy > Firewall Policy > Protection and Stealth and enable the ” OS fingerprinting masquerdering ” option.
Hide Apache Web-Server information by Changing Configuration File :-
Open configuration file with vim editor and search for “ServerSignature“, its by default On. We need to Off these server signature and the second line “ServerTokens Prod” tells Apache to return only Apache as product in the server response header on the every page request, It suppress the OS, major and minor version info.
# vim /etc/httpd/conf/httpd.conf (RHEL/CentOS/Fedora)
eset endpoint security 5 crack eset endpoint security 32 bit download