Safe setup to Apache
Safe setup for apache means if anyone wants to prepare own apache server then what kind of security safeguards should be taken. So we will discuss all points one by one for security purpose or for safe setup of apache.
1. Firstly, your apache version should be latest or up to date.
2. If you have installed latest version than your second task is to hide the more secure information and apache version number and all other basic information.
After that, you have a need to add or edit directives in HTTP.conf file. There are two directives:
i. Server signature off
ii. Server token prod
Server signature always lies on the bottom of the pages and on the directory listing etc. which are generated by apache itself.
Server token prod is used to determine the browser or server header response. Whenever we type anything on the HTTP browser it simply redirects our information or we can write in the header of the HTTP server
3. Make sure apache should be running under its own user account and group
4. All files should be under one directory. This is because if we don’t want that apache can access any file outside from the web root, then set it up as follows:
Order Deny, Allow
Deny from all
Allow override none
Allow from all
5. Access by IP only
Access by IP only, access to your intranet to allow only the 176.16 network:
Deny from all
Allow from 126.96.36.199/16
Or by IP:
Deny from all
Allow from 127.0.0.1
6. To set a size limit for XML corpse.
7. Turn off all directories for browsing.
8. Protect your system or server for unwanted attacks such as denial of service attack etc.
How to Prepare Own Apache Server
Step 1: Download Apache Server Software
From any major or main site of apache, you can download HTTP server latest version. Then click on any one file, but that should be the latest version. You can save this file in any drive or simply download.
You can see the .msi file in the fig, just double click on any one to download the software.
Step 2: Install It
When you will finish the first step the next step is to install the software. To install the apache HTTP server software go on that folder or drive where you have saved your software, if you have not saved it on a particular drive then go in downloads where you can get it the just double click on the software then it will ask some instruction like next and continue and all that.
When you will be arriving at the server information, as you can see in the figure. There are the three boxes first for the domain name and second one for server name then for email id. So these all are generated automatically and you need to change them. So write local host in network domain box as well as the server name and in the email address, you can write any email id means your valid email id. Then click on the first line which is for all users, on port 80. Then click on next.
Step 3: Run It
Once it will inaugurate, then next step is to run the software or check the software that is it working or not. Firstly go on the start icon and then programs then apache http server and then you will get some options, first one is configured apache server second one control apache server and so on. So you need to click on start.
During this process, if you get any error message then restart the software.
Step 4: Test It
In this step, you just need to test it. As you can see in the figure, here server or network domain name is HTTP local host and it works is written in the workspace, actually, these all comments are always written in notepad in HTML language and then redirect on local host or browser. If it will redirect the page and show effects or comments then it means our server is in working condition.
After all these steps if you want to do some changes then these changes are possible in this:
1. Change the web page
On the web page, ‘it works’ is written by default. And if we want to change this comment then go on the index.html file and just delete the file or either you can change it to write the HTML code or comment in between the HTML code then type local host on browser box in result you can see the effect.
2. Change the server name and administrator’s email address
If you want to change the server name and administrator’s email address just go to start menu, then apache configuration file->configure apache server->edit the apache httpd.conf configuration file. Then here change the server name and the email address.
3. Save the Configuration File and Restart Apache
Now after all changes, if you are satisfied with that then save with Ctrl+S. Now you need to restart apache to save the changes, if you will not restart the apache then all changes will not be saved. So go on start->program->apache http server->control apache server ->restart
4. Test Your Apache Server
To test your apache server means to check if it is configured or installed properly or not then open any browser or just type local host if your page will redirect to default apache page then it means it is working properly
5. Where to Place Your Website
By default, your pages should be placed in the “C:\Program Files\Apache”
Apache uses a system of three text files for managing and its configuration data. All three of these files in the apaches./conf directory and edited by administrators only.
i. httpd.conf-this file for general settings means if we want to change server name and port name then we can change from here or from this file.
ii. srm.conf- for resources setting
iii. access.conf- for security setting
Main Configuration Files
Apache HTTP Server is configured by placing directives in plain text configuration files. The main configuration file is usually called httpd.conf. The location of this file is set at compile-time, but may be overridden with the -f command line flag. In addition, other configuration files may be added using the include directive.
Syntax of the Configuration Files
HTTPd configuration files contain one directive per line. The backslash "\" may be used as the last character on a line to indicate that the directive continues onto the next line. There must be no other characters or space between the backslash and the end of the line. Directives in the configuration files are case-insensitive, but arguments to directives are often case sensitive. Lines that begin with the hash character "#" are considered comments and are unnoticed.
About The Author: Hi! I am Neelam Y. I am passionate about research and technology. Whether it is website designing/development, content writing or internet marketing; I have a solid track record of delivering utmost satisfaction to my clients.