Tag: apache2

Install MariaDB 10.4 + Apache2(httpd) 2.4 + PHP 7.3 on CentOS 7.6

1. Preparation

cat /etc/redhat-release
# CentOS Linux release 7.6.1810 (Core)

2. Install MariaDB 10.4

sudo tee /etc/yum.repos.d/mariadb.repo <<EOF
[mariadb]
name = MariaDB
baseurl = https://yum.mariadb.org/10.4/rhel7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOF
sudo yum install MariaDB-server MariaDB-client
sudo systemctl start mariadb
sudo systemctl enable mariadb
# Make table names case-insensitive
sudo sed -i 's/\[mysqld\]/[mysqld]\nlower_case_table_names=1/' /etc/my.cnf
sudo mysql_secure_installation

Create a database. Let’s take wordpress as an example:

$ mysql -u root -p
MariaDB [(none)]> CREATE DATABASE `wordpress` DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
MariaDB [(none)]> grant all on wordpress.*…


Secure cookie with HttpOnly and Secure flag in Apache

Secure Apache Web Server from XSS Attack

Do you know you can mitigate the most common XSS attacks by using the HttpOnly and Secure flags on your cookies? XSS is dangerous, very dangerous. Given the increasing number of XSS attacks seen daily, you must secure your web applications. Without the HttpOnly and Secure flags in the HTTP response header, it is possible to steal or manipulate web application sessions and cookies. It’s good practice to set HttpOnly and Secure flag in application…


Configuring Apache Basic and Digest Authentication

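The common user authentication methods in Apache fall into the following three types:

- IP- and subnet-based access control (ACL)
- Basic user authentication (Basic Authentication)
- Message digest authentication (Digest Authentication)

Basic authentication

How it works:

A request for a page:

GET /auth/basic/ HTTP/1.1
Host: target

The web server asks the user to enter credentials (the server returns a 401 response header and the 'realm'):

HTTP/1.1 401 Authorization Required
Date: Sat, 08 Jun 2013 12:52:40 GMT
WWW-Authenticate: Basic realm="Basic auth Dir"
Content-Length: 401
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

The browser pops up a login window (showing the 'realm') and asks the user to provide a username and password:

GET /auth/basic/ HTTP/1.1
Host: target
Authorization: Basic TGVuZ1dhOjEyMzQ1Ng==       //the string after "Basic" is LengWa:123456 encoded with Base64

The server compares the credentials the user entered with the credentials stored on the server. If they match, it returns the response for the requested page.

Configuration: – using the protection of /data/www/auth/basic as an example

Step 1: Create the password file and add the first user.

/usr/local/apache/bin> ./htpasswd -c /data/www/auth/basic/user.txt LengWa
New…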
