Web Security Check Guide
- Is My Website Hacked? Find Out With This Checklist
- Google web check: http://www.google.com/safebrowsing/diagnostic?site=yourdomain.com
- Sucuri check: http://sitecheck.sucuri.net/
- ref:
Apache Web Server intro
- a common and popular web server, often used to host PHP sites
httpd.conf
- notes:
- paths use / as the separator
- .htaccess is a per-folder httpd.conf (if allowed), but keeping all configuration in httpd.conf is faster for the server to process.
Info Configure Syntax
- define the Apache root path.
- define the listen port
Listen 80
Directory Config
- define http root directory and its directory rights
DocumentRoot "D:/my_Server/htdocs"
<Directory "D:/my_Server/htdocs">
    AllowOverride All
    Require all granted
</Directory>
Multiple Sites on Single IP
- VirtualHost config in httpd.conf and hosts file config
NameVirtualHost 127.0.0.1:80
# allow access to that directory if it is not under the http root
<Directory "D:/my_Server/test01_com/htdocs">
    Require all granted
</Directory>
<VirtualHost test01.com:80>
    ServerName www.test01.com
    ServerAlias test01.com
    DocumentRoot "D:/my_Server/test01_com/htdocs"
    CustomLog "D:/my_Server/log/test01.com.access" combined
</VirtualHost>
# allow access to that directory if it is not under the http root
<Directory "D:/my_Server/test02_com/htdocs">
    Require all granted
</Directory>
# test02.com:80 matches that domain or IP; *:80 matches any IP
# ServerAdmin is optional: it provides an admin contact when an error occurs
<VirtualHost test02.com:80>
    ServerName www.test02.com
    ServerAlias test02.com
    ServerAdmin admin@test02.com
    DocumentRoot "D:/my_Server/test02_com/htdocs"
    CustomLog "D:/my_Server/log/test02.com.access" combined
</VirtualHost>
- hosts
127.0.0.1 test01.com
127.0.0.1 test02.com
.htaccess tutorial
- a text file that configures how the Apache server handles the directory it is placed in
- tutorial:
- turn off the Apache version notice:
- example
# ServerTokens is accepted only in httpd.conf (server config), not in .htaccess
ServerSignature Off
ServerTokens Prod
Advanced Website Security Setup
- read more on Apache Web Server intro
- limit website access to certain IPs or IP ranges
- edit the Apache site directory's .htaccess file
# <Directory> wrappers are valid only in httpd.conf; in .htaccess use the inner lines on their own
<Directory /docroot>
    Order deny,allow
    Deny from all
    Allow from yourIP
    Allow from yourIPv6
</Directory>
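The same IP restriction written with the Apache 2.4 `Require` directive, matching the `Require all granted` lines used earlier on this page. This is an added example, not part of the original page; the addresses are constructed placeholders from the documentation ranges, and `/docroot` is the page's own placeholder path.

```apache
# httpd.conf: <Directory> sections are valid only in the server config,
# never inside a .htaccess file.
<Directory "/docroot">
    # Several Require lines in one section are OR-ed together (implicit
    # RequireAny); a client matching none of them receives 403 Forbidden.

    # Single IPv4 address (placeholder)
    Require ip 203.0.113.10
    # IPv4 range in CIDR notation (placeholder)
    Require ip 198.51.100.0/24
    # IPv6 prefix (placeholder)
    Require ip 2001:db8:1234::/48
</Directory>

# Per-directory form: put the same lines, without the <Directory> wrapper,
# in /docroot/.htaccess. Require is honoured there only when httpd.conf
# grants AllowOverride AuthConfig (or All) for that directory.
#
#   Require ip 203.0.113.10
#   Require ip 198.51.100.0/24
#   Require ip 2001:db8:1234::/48

# Order/Deny/Allow are the Apache 2.2 directives, provided on 2.4 by
# mod_access_compat. Use one style per directory rather than mixing them
# with Require.
```

Comments sit on their own lines because Apache does not allow a comment on the same line as a directive.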