Wednesday, September 21, 2022

[FIXED] How to defend Apache2 from anti DNS pinning and anti DNS rebinding?

      , , ,      No comments   

Issue

How to defend my apache2 server from anti DNS pinning and anti dns rebinding? I work in company where is inform safety is important, but they only can test in one platform and tell me where is problem(
I am front-end and do not know how to defend my server ( Madly I hope that you will help with advice and show me the right path! Thank you very much in advance )
This is my

site.name.conf

<IfModule mod_ssl.c>
  <VirtualHost *:443>
    ServerAdmin webmaster@localhost
    ServerName site.name
    ServerAlias site.name
    DocumentRoot /data/edu3/public
    <Directory /data/edu3/>
      AllowOverride All
      Order allow,deny
      allow from all
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    Include /etc/apache2/options-ssl-apache.conf
    SSLCertificateFile /data/ssl/u1.crt
    SSLCertificateKeyFile /data/ssl/u1.key
  </VirtualHost>
  <VirtualHost *:443>
    ServerName catchall
    <Location />
        Order allow,deny
        Deny from all
    </Location>
  </VirtualHost>
</IfModule>
  <VirtualHost 10.224.32.10:80>
    ServerAdmin webmaster@localhost
    ServerName site.name  
    DocumentRoot /data/edu3/public
    <Directory /data/edu3/>
      AllowOverride All
      Order allow,deny
      allow from all
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
  </VirtualHost>
<VirtualHost _default_:*>
    ServerName catchall
    <Location />
        Order allow,deny
        Deny from all
    </Location>
  </VirtualHost>
<VirtualHost 10.224.32.10:80>
    ServerName catchall
    <Location />
        Order allow,deny
        Deny from all
    </Location>
  </VirtualHost>

Solution

The easiest way is to add this virtualhost separately, and make sure that the virtualhost for the main website is using the ServerName directive.

<VirtualHost _default_:80>
ServerAdmin webmaster@localhost
DocumentRoot "/path/to/defaultpagedirectory"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log
</VirtualHost>

Basically what this does is that, it has a default page in the document root (you have to create it), it will serve that default page to the user if the Host header differs.



Answered By - Example person
Answer Checked By - Robin (PHPFixing Admin)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...