当前位置:网站首页>National vocational college skills competition network security competition -- detailed explanation of Apache security configuration
National vocational college skills competition network security competition -- detailed explanation of Apache security configuration
2022-07-24 18:33:00 【Wangzai sec】
Apache Security configuration
Mission environment description :
- Server scenario :A-Server
- Server scenario operating system : Linux
- Server user name :root; password :123456
- Open the server scenario (A-Server), Clear firewall rules from the command line . View the scene on the server apache edition , Submit the viewed service version string completely ;
Flag=Apache/2.2.23 (Unix)
- Detect this version in the server scenario apache Whether there is Show banner Information vulnerabilities , If validation exists , Modify the configuration file to reinforce this vulnerability , And restart Apache service , String the content of this item ( No status ) As flag Submit ;
Flag=ServerSignature
- Check whether the server scenario configuration can browse the system directory , If verification exists, this vulnerability will be in Apache In the configuration file , Find the system root directory /var/www Configuration properties of , Delete the permission of the original content of this attribute , And restart Apache service , Delete the string of this reinforcement item as flag Submit ;
Flag=Indexes
- Reasonably configure the server scenario apache Operating account of , And in httpd.conf Find the running account in , Take the account name configured for this service as flag Submit ;
Flag=nobody
- Configure the server scenario httpd.conf, Restrict forbidden folders , Verify that you can access /var/www/data Under the table of contents index.php, If this vulnerability exists, it needs to be reinforced , Take this reinforced complete string as flag Submit ;( Tips :(<Directory /var/www/data>)***</Directory>* The number is what needs to be added )
Flag=Deny from all
- Configure the server scenario httpd.conf, Limit the specific of some special directories ip visit , Such as internal interface, etc . Modify right data Configuration of directory , Restart apache service . Use the fixed part of the reinforcement item as flag Submit ;
Flag=allow from
边栏推荐
- 全国职业院校技能大赛网络安全竞赛之数据分析数字取证-A
- The collapse of margin
- undefined reference to H5PTopen
- Ionic4 learning notes 12 - a east project grid completes the list of goods
- 4. Basic type and reference type?
- mysql 配置文件
- EasyUI adds row level buttons to the DataGrid
- L4l7 load balancing
- Date function format conversion
- Windowing function (1) - top three employees of department salary
猜你喜欢
Mid year inventory | in 2022, PAAS will be upgraded again
5. Reference type and value type as function parameters?
Typora is still the most beautiful and beautiful document editing artifact of yyds in my heart. I believe you will never abandon it
剑指 Offer 21. 调整数组顺序使奇数位于偶数前面
全国职业院校技能大赛网络安全竞赛——Apache安全配置详解
开窗函数(1)-部门工资前三员工
永恒之蓝MS17-010exp复现
模拟实现vector
全国职业院校技能大赛网络安全竞赛之数据分析数字取证-A
Type-C边充边听PD协议芯片
随机推荐
Admin component
web渗透经验汇总ing
mysql 配置文件
第五届数字中国建设峰会在福建福州开幕
奶头乐理论介绍及个人感悟
Calling startActivity() from outside of an Activity context requires the FLAG_ ACTIVITY_ NEW_ TASK flag
A practical scheme of realizing 0.5px on mobile terminal
MySQL - bufferpool related information
Latex mathematical formula
IO multiplexing
Type-C边充边听PD协议芯片
Segment tree merge board
全国职业院校技能大赛网络安全竞赛之数据分析数字取证-A
8. = = and = = =?
The difference between KIB and MIB and KB and MB
Common methods of array (2)
Mysql——》BufferPool相关信息
13. What is the difference between onkeydown, up and onkeypress?
2020年中职组“网络空间安全”赛项浙江省竞赛任务书及答案(Flag)
Windowing function (1) - top three employees of department salary