security
Table of Contents
Security
WebDAV Readonly mode
Make sure to disable following methods in webserver.
# Disabled TRACE|TRACK|PUT|OPTIONS|DELETE|HEAD <Directory /var/www/html > AuthType None Satisfy Any Allow from all RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|PUT|OPTIONS|DELETE|HEAD) RewriteRule .*$ - [F,L] </Directory>
cgi-bin precaution
Make sure none of the configuration files get printed as pain text.
<FilesMatch ".+(\.pm|\.conf|\.htaccess|\.gitignore|config)$"> Require all denied </FilesMatch>
Anything start with .(dot)
Disable all files and folder start with .dot
<DirectoryMatch "^\.|\/\."> Require all denied </DirectoryMatch> <LocationMatch "\/\."> Require all denied </LocationMatch>
security.txt · Last modified: 2020/08/10 02:35 by 127.0.0.1