Anonymous apache & PHP for cPanel
Posted on September 11, 2008
So I've started playing with cPanel/WHM recently. I've got to say it does make my life immensely easier, at, in my opinion, reduced security. So I'm working on security cPanel/WHM. Apart from the obvious, which I won't go into in this post, we'll make apache and PHP anonymous.
I spent a few hours messing with the easyapache script getting apache and PHP configured how I like on cPanel. No biggie. But I couldn't set some of my favourite security options.
First off, we'll anonymise apache.
From WHM, click Apache Setup under Service Configuration
Click Include Editor, under Pre Main Include select your apache version.
In the text box that appears insert
ServerSignature Off ServerTokens Prod
Update and restart.
Your server signature will change from
Apache/2.x.x (Unix) mod_ssl/2.x.x OpenSSL/0.x.x mod_XXX/x.x PHP/x.x.x Server at www.premierseo.info Port 80
to
Apache Server at www.premierseo.info Port 80
It should keep the snoopers / automated attacks out for a while.
Next, we'll tell PHP not to expose itself for that extra bit of security.
From WHM, click PHP Configuration Editor under Service Configuration and then switch to Advanced View.
Find the expose_php and change it to "Off". Save.
Restart apache to be sure.
There we go. Simple steps in apache & php security.
Related posts:
- Anonymous apache & PHP
Like to be conspicuous? Like me. Then use theĀ ServerTokens and expose_php options. On a... - Enabling mod_deflate/gzip globally on cPanel
There's far too many reasons to mention why you should enable mod_deflate to gzip your... - Installing mod_evasive on cPanel and/or Apache
This guide details how to install mod_evasive on cPanel to help protect against DDOS attacks,... - mod_geoip Revisted including stopping spam in phpBB 2
I've recently moved a client's forum onto a new cPanel server, previously it was on... - Apache, JungleDisk and Port 80
I was tearing what little hair I have trying to solve a very strange bug...
What this article useful to you?
Let me know, buy me a beer!
Alternatively, if you're feeling impecunious, you may like to subscribe to my RSS feed, or see other articles in the cPanel/WHM category.
Gallery
Categories
- Apache
- Automotive
- CentOS
- cPanel/WHM
- CubeCart
- Domains
- Exchange
- Geeky
- General
- Home
- HTML, CSS, AJAX
- Linux
- MS SQL
- MySQL
- Photography
- PHP
- phpBB
- Reviews
- Search Engines
- Snippets
- Software
- Ubuntu
- Windows
- Wordpress
Lifestream
-
Stuart King commented on your wall post.
-
Chris Beddows commented on Michelle Symonds's status.
-
Stuart King posted Something on your Wall.
-
Stuart King accepted your friend request.
-
Michelle Symonds commented on her status.
Tags
Cache
cache control
campaign id
clip
credit
credit cards
credit crunch
Cricket
cut and paste
database
database error
Download
Duplicate
ETags
extra points
getItemHash
Google
hash values
jpg jpeg
Linux
mysql database
mysql server
paste job
Performance
performance grade
php cgi
proxy
quick test
recession
score
single line
Sitemaps
sql errors
sql syntax
Super
trickery
Turbo
tweaking
Unzip
website
Wordpress
wp
WP-O-Matic
xml sitemap
YSlow
Recent Comments
- Dariush on Installing mod_evasive on cPanel and/or Apache
- nayasites on [Snippet] Stop Windows Update irritating you to restart after updates
- Geburtstagskarten on Managing User Shares in Windows
- Smelly Brain on What is the difference between ‘learnt’ and ‘learned’?
- MarcusTeaf on Convert phpBB IP Addresses