Take Back the Darknet (Part 7)

Part 7 – Hardening Apache and Secure Shell

Next up we harden Apache and OpenSSH for the glass is always half empty. Start off by editing the security configuration file for Apache2.
sudo nano /etc/apache2/conf-available/security.conf

ServerTokens OS
ServerTokens Prod

and change
ServerSignature On
ServerSignature Off
Save and exit, Ctrl-O (Writeout) and Ctrl-X (Exit)

Next, edit the main Apache configuration file.
sudo nano /etc/apache2/apache2.conf

Add the line, you can substitute tim with something more relevant to your own
"ServerName tim"
Then restart Apache2
sudo service apache2 restart
Edit the SSH daemon configuration file.
sudo nano /etc/ssh/sshd_config
PermitRootLogin without-password
PermitRootLogin no
Port 22
Port 38192
And restart the SSH service by doing a reboot.
sudo reboot

Logging in with SSH (Secure SHell) is now slightly different as we have changed the default port from 22 to 38192 (or any other number you wanted as long as it doesn’t clash with an existing one.
ssh tim@xxx.xxx.xxx.xxx -p 38192

Advance onward to part 8 or head back to the table of contents on page 1.

Leave a Reply

Your email address will not be published. Required fields are marked *