Ubuntu Linux The Apache Configuration

How do I configure the Apache 2 web server securely under Ubuntu Linux operating systems?


The Apache configuration file is /etc/apache2/apache2.conf. Apply the recommendations in the remainder of this section to this file. Open this file using a text editor such as vi, enter:

sudo vi /etc/apache2/apache2.conf

The mount of time the server will wait for certain events before failing a request is set to 300 seconds, which is pretty high. Set it to 60 or 100 seconds:
Timeout 60
Number of seconds to wait for the next request from the same client on the same connection is set to 15 seconds. It is a good value, but can be reduced to 10:
KeepAliveTimeout 10
Save and close the file.

Restrict Information Leakage

The ServerTokens and ServerSignature directives determine how much information the web server discloses about the configuration of the system. ServerTokens Prod restricts information in page headers, returning only the word “Apache.” ServerSignature Off keeps Apache from displaying the server version on error pages. Make sure tracking is disabled on production website. It is a good security practice to limit the information provided to clients. Edit /etc/apache2/conf.d/security file, enter:

sudo vi /etc/apache2/conf.d/security

Add or correct the following directives
ServerTokens Prod
ServerSignature Off
TraceEnable Off

Save and close the file.

Configure Ports and Default IP Address

Edit /etc/apache2/ports.conf, enter:

sudo vi /etc/apache2/ports.conf

If your IPv4 address is update it as follows to listen on port 80:

<IfModule mod_ssl.c>
    # SSL name based virtual hosts are not yet supported, therefore no
    # NameVirtualHost statement here
    Listen 443

Save and close the file. Finally, restart Apache2:

sudo /etc/init.d/apache2 restart

Verify ports 80 and 443 are open, enter:

sudo netstat -tulpn | grep :80

Fire a web browser and type the your domain name or server IP such as:

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04

0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.