Differences

This shows you the differences between two versions of the page.

--- build:apache [2009/01/26 15:46]
151.145.245.20 Don't allow Indexes to be visible in web sites, as it leaks information that may be helpful to attackers. (CMB)
+++ build:apache [2009/03/03 16:02] (current)
151.145.245.20 Add separate default site. (CMB)
@@ Line 99: / Line 99: @@
 </code>
+==== Default Site ====
+The default site is a "catch-all" that will serve any site that doesn't have a domain name specified in a site config file.
+We've set this up to deny all requests, since we were getting a lot of attacks trying to use the server as a proxy to other sites.
+(Some attempts even had "proxy_test_referer" in the Referer field.)
+Edit ''/etc/apache2/sites-available/000-default'':
+<file>
+NameVirtualHost *
+<VirtualHost *>
+    # Minimize logging of this junk.
+    #CustomLog /dev/null ""
+    #ErrorLog /dev/null
+    CustomLog /var/log/apache2/attack.log combined
+    ErrorLog /var/log/apache2/attack_error.log
+    LogLevel emerg
+    # Don't allow access to anything, causing a 403 error message for any request.
+    ErrorDocument 403 "Site does not exist on this server!"
+    <Location />
+        Order allow,deny
+        Deny from all
+    </Location>
+</VirtualHost>
+</file>
+<code rootshell>
+a2ensite 000-default
+</code>
 ==== Main SLUUG Site ====
@@ Line 108: / Line 138: @@
 </code>
-Edit ''<nowiki>/etc/apache2/sites-available/000-www.sluug.org</nowiki>'':
+Edit ''<nowiki>/etc/apache2/sites-available/www.sluug.org</nowiki>'':
 <file>
-NameVirtualHost *
 <VirtualHost *>
 	ServerName www.sluug.org
@@ Line 132: / Line 161: @@
 <code rootshell>
-a2ensite 000-www.sluug.org
+a2ensite www.sluug.org
 </code>

SLUUG Wiki

User Tools

Site Tools

Differences

Page Tools