Issue
How to defend my apache2 server from anti DNS pinning and anti DNS rebinding?
I work in a company where information security is important, but they can only test on one platform and tell me where the problem is.
I am a front-end developer and do not know how to defend my server. I really hope that you will help with advice and show me the right path! Thank you very much in advance.
This is my site.name.conf:
    <IfModule mod_ssl.c>
        <VirtualHost *:443>
            ServerAdmin webmaster@localhost
            ServerName site.name
            ServerAlias site.name
            DocumentRoot /data/edu3/public
            <Directory /data/edu3/>
                AllowOverride All
                Order allow,deny
                allow from all
            </Directory>
            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined
            Include /etc/apache2/options-ssl-apache.conf
            SSLCertificateFile /data/ssl/u1.crt
            SSLCertificateKeyFile /data/ssl/u1.key
        </VirtualHost>
        <VirtualHost *:443>
            ServerName catchall
            <Location />
                Order allow,deny
                Deny from all
            </Location>
        </VirtualHost>
    </IfModule>
    <VirtualHost 10.224.32.10:80>
        ServerAdmin webmaster@localhost
        ServerName site.name
        DocumentRoot /data/edu3/public
        <Directory /data/edu3/>
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>
    <VirtualHost _default_:*>
        ServerName catchall
        <Location />
            Order allow,deny
            Deny from all
        </Location>
    </VirtualHost>
    <VirtualHost 10.224.32.10:80>
        ServerName catchall
        <Location />
            Order allow,deny
            Deny from all
        </Location>
    </VirtualHost>
Solution
The easiest way is to add this virtualhost separately, and make sure that the virtualhost for the main website is using the ServerName directive.
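    # Catch-all virtual host: answers requests whose Host header matches no ServerName
    <VirtualHost _default_:80>
        ServerAdmin webmaster@localhost
        DocumentRoot "/path/to/defaultpagedirectory"
        ErrorLog ${APACHE_LOG_DIR}/error.log
        # CustomLog needs a log format (or nickname) as its second argument
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>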
Basically, what this does is serve a default page from the document root (you have to create it) to the user if the Host header differs.
Answered By - Example person Answer Checked By - Robin (PHPFixing Admin)
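One way to confirm that a catch-all virtual host is in effect is to connect to the server's address directly, send Host values it should not recognise, and check that none of them receive the same response as the real site. This is an added example, not part of the original question or answer; the function names, the probe values and the small local stand-in server are assumptions constructed for the demonstration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

def fetch(addr, port, host_header, path="/"):
    """Connect to addr:port directly and send a chosen Host header."""
    conn = http.client.HTTPConnection(addr, port, timeout=5)
    try:
        conn.putrequest("GET", path, skip_host=True)  # suppress automatic Host
        conn.putheader("Host", host_header)
        conn.endheaders()
        resp = conn.getresponse()
        return resp.status, resp.read()
    finally:
        conn.close()

def exposed_hosts(addr, port, real_host, probe_hosts):
    """Return probe Host values answered exactly like the real site."""
    baseline = fetch(addr, port, real_host)
    return [h for h in probe_hosts if fetch(addr, port, h) == baseline]

def start_demo(allowed):
    """Constructed stand-in server: allowed=None serves the site to any Host."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            host = (self.headers.get("Host") or "").split(":")[0].lower()
            ok = allowed is None or host in allowed
            body = b"site content" if ok else b"default page"
            self.send_response(200)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        def log_message(self, *args):  # keep the demo quiet
            pass
    srv = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

PROBES = ["attacker.example", "10.224.32.10"]  # constructed probe values

if __name__ == "__main__":
    for label, allowed in (("no catch-all", None), ("catch-all", {"site.name"})):
        srv = start_demo(allowed)
        port = srv.server_address[1]
        print(label, exposed_hosts("127.0.0.1", port, "site.name", PROBES))
        srv.shutdown()
```

Against a real deployment, call `exposed_hosts` with the server's own IP address and port in place of the demo server; an empty list means every probed Host value received something other than the site.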