Disable weak SSLV2 siphers
edit ssl.conf and add
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:+EXPRestrict apache to giveout minimum informations
Edit httpd.conf and change
ServerTokens ProductOnlyDisable track and trace in every virtual hosts
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]Always better to configure apache to Loan minimal/required modules and include only necessary config files.
./arun
No comments:
Post a Comment