apache配置项

隐藏apache版本号
隐藏php版本号
更安全的conf

yum install mod_ssl -y 
mkdir /etc/httpd/ssl

<VirtualHost 10.10.10.19:80>
  DocumentRoot /var/www/html/nextcloud/
  ServerName  fp.sppp.net
  Redirect permanent / https://fp.sppp.net:2013/
  <Directory /var/www/html/nextcloud/>
    Require all granted
    AllowOverride All
    Options FollowSymLinks MultiViews
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
  </Directory>
</VirtualHost> 
<VirtualHost 10.10.10.19:443>
  DocumentRoot /var/www/html/nextcloud/
  ServerName  fp.sppp.net
  SSLEngine on
  ProtocolsHonorOrder On
  Protocols h2 h2c http/1.1
  SSLCertificateFile /etc/httpd/ssl/4294403_fp.sppp.net_public.crt
  SSLCertificateKeyFile /etc/httpd/ssl/4294403_fp.sppp.net.key
  SSLCertificateChainFile /etc/httpd/ssl/4294403_fp.sppp.net_chain.crt
  <Directory /var/www/html/nextcloud/>
    Require all granted
    AllowOverride All
    Options FollowSymLinks MultiViews
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
    <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
    Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
    </IfModule>
  </Directory>
</VirtualHost>

隐藏apache版本号

编辑httpd.conf，末尾添加以下两行：

ServerTokens Prod
ServerSignature off

隐藏php版本号

搜索“php.ini”（find / -name php.ini）
编辑php.ini 找到expose_php = On这行
将expose_php = On改为expose_php = Off
更安全的conf

隐藏apache版本号

隐藏php版本号

更安全的conf