Ubuntu Server

Page 36

第 3章

用 Apache 做 Web 服务器

3.5 Apache 安全 3.5.2

隐藏敏感信息

$ telnet localhost 80 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. HEAD / HTTP/1.0 HTTP/1.1 200 OK Date: Mon, 03 Nov 2008 01:37:59 GMT Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch Last-Modified: Mon, 03 Nov 2008 00:46:59 GMT ETag: "34943-2d-45abe48d446c0" Accept-Ranges: bytes Content-Length: 45 Connection: close Content-Type: text/html Connection closed by foreign host.

ServerTokens Prod

$ sudo /etc/init.d/apache2 reload

$ telnet localhost 80 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. HEAD / HTTP/1.0 HTTP/1.1 200 OK Date: Mon, 03 Nov 2008 02:08:43 GMT Server: Apache Last-Modified: Mon, 03 Nov 2008 00:46:59 GMT ETag: "34943-2d-45abe48d446c0" Accept-Ranges: bytes Content-Length: 45 Connection: close Content-Type: text/html Connection closed by foreign host.

3.5.3

不要以 root 身份运行 Apache

$ ps auxf | grep apache hiweed

5536

0.0

0.2

3004

756 pts/0

S+

21:29

0:00

\_ grep

61

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.