My Quotes


When U were born , you cried and the world rejoiced
Live U'r life in such a way that when you go
THE WORLD SHOULD CRY






Tuesday, July 8, 2014

Prevent DNS Injections Apache Web Server


To prevent DNS Injection attacks, 

which are attacks that can inject fake DNS names into your server's cache, you need to add another module to Apache. 
Follow these steps
  • Open a terminal window
  • Issue the command sudo apt-get -y install libapache2-mod-spamhaus
  • After the installation completes, issue the command sudo touch /etc/spamhaus.wl.
  • Issue the command sudo chown -R www-data:root /var/log/apache2/evasive.
  • With the module installed, open the /etc/apache2/apache2.conf file (using sudo and your favorite text editor) and append the following to the bottom of your configuration file:
    
      MS_METHODS POST,PUT,OPTIONS,CONNECT 
      MS_WhiteList /etc/spamhaus.wl 
      MS_CacheSize 256 
    
    
  • Save the apache2.conf file and restart Apache so the new module will take effect
  • No comments :