Apache settings not working properly.

Support for security such as Firewalls and securing linux
Post Reply
hack3rcon
Posts: 694
Joined: 2014/11/24 11:04:37

Apache settings not working properly.

Post by hack3rcon » 2020/09/18 18:29:24

Hello,
I made a thread in this forum and asked a question about some configuration lines that can be move from "httpd.conf" to Virtual Host file. Someone recommended https://httpd.apache.org/docs/2.4/mod/q ... rence.html to me to understand this concept. According to that document, an option like "TraceEnable" is for both of server and Virtual Host. I removed "TraceEnable off" from "httpd.conf" and added it to Virtual Host file:

Code: Select all

<VirtualHost *:80>
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
ServerAdmin root@localhost
ServerName www.example.net
ServerAlias www.example.net
DocumentRoot /var/www/wordpress
<Directory "/var/www/wordpress">
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
ErrorLog /var/log/httpd/wordpress_error.log
CustomLog /var/log/httpd/wordpress_access.log common
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.net [OR]
RewriteCond %{SERVER_NAME} =www.example.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Redirect / https://www.example.net

TraceEnable off
ServerSignature Off
</VirtualHost>
But it can't working properly and my server is traceable. I scanned my web server by "Arachni" and result is:
trace.PNG
trace.PNG (24.78 KiB) Viewed 91 times
Why?

Thank you.

Post Reply

Return to “CentOS 8 - Security Support”