feat: disable more modules
This commit is contained in:
parent
a89a369db1
commit
acc9367e90
|
@ -16,9 +16,13 @@ ServerSignature off
|
|||
EOF
|
||||
|
||||
# Disable unused modules
|
||||
sed -i.preHardening -e 's/^/#/g' $APACHE_BASE/conf.modules.d/00-dav.conf
|
||||
sed -i.preHardening -e 's/^/#/g' $APACHE_BASE/conf.modules.d/00-proxy.conf
|
||||
|
||||
if [ -d $APACHE_BASE/conf.modules.d ]; then
|
||||
sed -i.preHarden -e 's/^/###/g' $APACHE_BASE/conf.modules.d/00-dav.conf
|
||||
sed -i.preHarden -e 's/^/###/g' $APACHE_BASE/conf.modules.d/00-proxy.conf
|
||||
sed -i.preHarden -e 's/^/###/g' $APACHE_BASE/conf.modules.d/01-cgi.conf
|
||||
sed -i.preHarden -e 's/^Load.*\(authn_dbd\|authn_dbm\|authn_socache\|authz_dbd\|authz_dbm\|cache\|cache_disk\|cache_socache\|macro\|socache_dbm\|socache_memcache\)_module.*/###&/1' /etc/httpd/conf.modules.d/00-base.conf
|
||||
fi
|
||||
|
||||
httpd -S 2>/dev/null | grep ":443" | awk '{print $NF}' | tr -d '[()]' | awk -F: '{print $1}' | while read c; do
|
||||
sed -i.preHardening -e 's/SSLProtocol.*/SSLProtocol -ALL +TLSv1.2/g' $c
|
||||
|
|
Loading…
Reference in New Issue