Tag Archives: apache

Tutorial: How to Disable Track and Trace in apache (TraceEnable Off)

In this simple tutorial I show how to check and disable Apache track and trace. The operating system is CentOS 7 but it can work for CentOS 8 and other distros.

Nikto error: Allowed HTTP Methods: TRACE

If you want to disable TRACE methods go to httpd.conf and add to the bottom:

TraceEnable Off

How to block ip addresses and protect files and folders with apache and .htaccess in ubuntu?

In this tutorial we are going to create block list for our website so that IP addresses that we know are bad can’t connect to our server. Also we are going to protect files that we don’t want to be opened by other people online.

First we edit 000-default.conf and make the needed changes:

<code>pico /etc/apache2/sites-enabled/000-default.conf</code>
Code language: Bash (bash)
<VirtualHost *:80> <Directory /var/www/html> Options Indexes FollowSymLinks MultiViews AllowOverride All Require all granted </Directory> ServerName www.webleit.info ServerAdmin your@mail.com DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf </VirtualHost>
Code language: Apache (apache)

Now we havo to create a .htaccess file and put ip addresses to be blocked and files to be protected:

order allow,deny deny from 91.247.38.54 deny from 91.247.38.55 deny from 91.247.38.57 deny from 198.15.180.240 deny from 67.229.79.154 deny from 188.120.229.212 deny from 85.128.142.38 allow from all # Protect the htaccess file <Files .htaccess> Order Allow,Deny Deny from all </Files> # Protect functions.php <Files functions.php> Order Allow,Deny Deny from all </Files> # Protect header.php <Files header.php> Order Allow,Deny Deny from all </Files> # Protect footer.php <Files footer.php> Order Allow,Deny Deny from all </Files> # Protect snowstorm.js <Files snowstorm.js> Order Allow,Deny Deny from all </Files>
Code language: Apache (apache)