From a02a263a9a572d57f08bd25f3a01d120b3f8890f Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 25 Mar 2014 20:14:09 +0000 Subject: [PATCH] Limit Apache request sizes --- beaglebone.txt | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/beaglebone.txt b/beaglebone.txt index 1d57a6b3..6ae237fa 100644 --- a/beaglebone.txt +++ b/beaglebone.txt @@ -1664,7 +1664,14 @@ ServerSignature Off ServerTokens Prod #+END_SRC -Then save and exit In the examples below replace /mydomainname.com/ with your own domain name. +Then save and exit. Install some extra security. + +#+BEGIN_SRC: bash +apt-get install libapache2-modsecurity +apt-get install libapache2-mod-evasive +#+END_SRC + +In the examples below replace /mydomainname.com/ with your own domain name. #+BEGIN_SRC: bash export HOSTNAME=mydomainname.com @@ -1690,6 +1697,7 @@ The Apache configuration for the site should look something like the following. AllowOverride All Order allow,deny allow from all + LimitRequestBody 128000 # Don't serve .php~ or .php# files created by emacs @@ -1714,6 +1722,7 @@ The Apache configuration for the site should look something like the following. Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all + LimitRequestBody 128000 ErrorLog ${APACHE_LOG_DIR}/error.log @@ -1740,6 +1749,7 @@ The Apache configuration for the site should look something like the following. AllowOverride All Order allow,deny allow from all + LimitRequestBody 128000 # Don't serve .php~ or .php# files created by emacs @@ -1764,6 +1774,7 @@ The Apache configuration for the site should look something like the following. Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all + LimitRequestBody 128000 ErrorLog ${APACHE_LOG_DIR}/error.log
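Review bot: In the hunk at @@ -1664,7 +1664,14, the two added `apt-get install` lines (libapache2-modsecurity, libapache2-mod-evasive) are outside what the subject "Limit Apache request sizes" describes, and the new sentence "Install some extra security." does not tell the reader what either module does or whether it needs enabling or configuring afterwards. Either split the installs into their own commit or mention them in the commit message, and replace that sentence with one line per module stating its purpose and any follow-up step the guide expects.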
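Review bot: In the hunk at @@ -1690,6 +1697,7, `LimitRequestBody 128000` is added to a block whose context line is `AllowOverride All`, so the limit is not actually enforced against the directory's own contents. LimitRequestBody is permitted in .htaccess under that override setting, which means any .htaccess file in the tree can raise the limit or set it back to 0. If the cap is meant as a hard limit, narrow AllowOverride to the classes the site really needs, or say in the text that the value is only a default.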
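Review bot: In the hunk at @@ -1714,6 +1722,7, the same literal `LimitRequestBody 128000` is pasted into the `Options +ExecCGI` block, and the patch repeats it in four places overall. LimitRequestBody is also valid at virtual host level, so setting it once per virtual host and letting the directory blocks inherit it would keep the four copies from drifting apart when someone later changes the value in only one of them.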
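Review bot: In the hunk at @@ -1740,6 +1749,7, the added `LimitRequestBody 128000` has no accompanying explanation; the surrounding prose still only says the configuration "should look something like the following". The value is in bytes (about 125 KiB), and a request with a larger body, such as a file upload or a long form post, is refused with a 413 response. Add a sentence stating the unit, why this figure was chosen, and that readers running upload-heavy sites need to raise it.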
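Review bot: In the hunk at @@ -1764,6 +1774,7, as in the three hunks before it, the only limit added is `LimitRequestBody 128000`, while the subject promises to limit "request sizes" in general. Nothing in the patch constrains the request line or headers. Either retitle the commit to say it limits request bodies, or add the header-side directives (LimitRequestLine, LimitRequestFieldSize, LimitRequestFields) alongside it if that was the intent.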