Secure apache web server quickly

From Urandom
Revision as of 19:04, 26 February 2013 by Martivo (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Needed to close down a fresh apache installation. Should work with most debians.

Enable SSL

Enable ssl module and site.

a2enmod ssl
a2ensite default-ssl

Redirect http to https

Enable rewrite module

a2enmod rewrite

Added this to /etc/apache2/sites-enabled/000-default in the

<VirtualHost *:80>


        <LocationMatch "/">
                RewriteEngine On
                RewriteCond %{HTTPS} off
                RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Set up basic authentication

Create password file and add users

Create password file

htpasswd -c /etc/apache2/passwords admin
  • NB: to add another user
htpasswd /etc/apache2/passwords moderator

Configure apache with basic authentication

<Location />
AuthType basic
AuthName "Access requires authentication"
AuthBasicProvider file
AuthUserFile /etc/apache2/passwords
Require valid-user

Reload configuration

service apache2 reload