xpk
/
code-dumps
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: disable more modules

This commit is contained in:
xpk 2019-03-13 16:23:36 +08:00
parent a89a369db1
commit acc9367e90
Signed by: xpk
GPG Key ID: CD4FF6793F09AB86
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hardening/apache24-php.sh
View File

@ -16,9 +16,13 @@ ServerSignature off
EOF
# Disable unused modules
sed -i.preHardening -e 's/^/#/g' $APACHE_BASE/conf.modules.d/00-dav.conf
sed -i.preHardening -e 's/^/#/g' $APACHE_BASE/conf.modules.d/00-proxy.conf
if [ -d $APACHE_BASE/conf.modules.d ]; then
sed -i.preHarden -e 's/^/###/g' $APACHE_BASE/conf.modules.d/00-dav.conf
sed -i.preHarden -e 's/^/###/g' $APACHE_BASE/conf.modules.d/00-proxy.conf
sed -i.preHarden -e 's/^/###/g' $APACHE_BASE/conf.modules.d/01-cgi.conf
sed -i.preHarden -e 's/^Load.*\(authn_dbd\|authn_dbm\|authn_socache\|authz_dbd\|authz_dbm\|cache\|cache_disk\|cache_socache\|macro\|socache_dbm\|socache_memcache\)_module.*/###&/1' /etc/httpd/conf.modules.d/00-base.conf
fi
httpd -S 2>/dev/null | grep ":443" | awk '{print $NF}' | tr -d '[()]' | awk -F: '{print $1}' | while read c; do
sed -i.preHardening -e 's/SSLProtocol.*/SSLProtocol -ALL +TLSv1.2/g' $c