Learn Apache web server administration from the basic web server concept to the advanced topics, such as best practices, security, logging, integration, and other guides.
Total 35 articles.
Don’t expose the .git folder, which may contain sensitive information. When you initialize and deploy your application through Git, it creates a .git folder that contains necessary information. If .git folder is accessible through a webserver or frontend over the Internet, it can potentially leak sensitive data. Worse, if you have credentials stored in some…
You might have some sensitive page that you want to protect with the password. This is also known as Basic Authentication. The good news is it’s possible, and it is super easy. Why protect the webpage with a password? Well, there could be many reasons, including. Contain sensitive data on the page The page is…
Let’s look into getting a FREE SSL/TLS certificate from ZeroSSL and implement it in Apache and Nginx web servers. Introduction You might have heard a lot about the term like HTTP and HTTPS. In the early days, a protocol was defined, which was named as HyperText Transfer Protocol(HTTP). It is a way to communicate from…
Restrict or allow resource sharing between sites using CORS header. CORS (Cross-Origin Resource Sharing) header is supported on all modern browsers. Can I Use cors? Data on support for the cors feature across the major browsers from caniuse.com. By default, the browser restricts cross-origin HTTP requests through scripts. And, CORS can be handy to reuse…
Protect your website from click-jacking attack by implementing CSP (Content Security Policy) header CSP is one of the OWASP top 10 secure headers and often recommended by security experts or tools to implement it. There are many options to build the policy to enforce how you want to expose your web resources. One of the…
Block all those unnecessary requests you see in the logs I assume you have looked into your website visitor logs and fed up with those unwanted requests. They may not be necessarily bad or spam, but it is they may not add value to the business. Imagine if the majority of the hits are coming…
A step-by-step guide to enable the latest and test TLS version protocol 1.3 Before the implementation procedure, let’s take a look at what is TLS 1.3, how it differs from 1.2, history, and compatibility. What is TLS 1.3? TLS (transport layer security) 1.3 is based on the existing 1.2 specifications. It’s the latest TLS version…
Let’s secure Apache with SSL/TLS certificate. Once the certificate is implemented, the configured domain/IP will be accessible over HTTPS. Let’s get it started. On a high-level, we will do the following. Compile Apache HTTP 2.4.5 with SSL module Get SSL Certificate Configure Apache to support SSL Install Apache with SSL from Source To configure SSL,…
Installing Apache HTTP is always fun. A few days back, I was installing Apache 2.4 on CentOS VM and encountered multiple errors. I thought it would be helpful to put together for a reference. APR not found [[email protected] httpd-2.4.25]# ./configure –enable-ssl checking for chosen layout… Apache checking for working mkdir -p… yes checking for grep…
HTTP/2 is the second major version HTTP protocol released in 2015. Since launch, around 11% of website support HTTP/2. It got many features like: HTTP Header Compression Push technologies Load page elements in parallel over a single TCP connection Binary protocol Reduce latency Demo by AKAMAI shows HTTP/2 is approximately two times faster than HTTP/1.1 Did…
English 
Français 
Español 
Deutsch
