Skip to content

Tag: Apache

Security Headers

I still use Apache for a web server because of the vast amount of documentation on the web, something I’ve overlooked for a long time are security headers… The more I read about security breaches from other sites the more paranoid I get about the sites I have on the internet.

Enabling Apache security headers is pretty straight forward, first enable the Apache module headers

sudo a2enmod headers

And reload Apache

sudo systemctl restart apache2

You may wish to go into each individual virtual host to enable specific headers for specific sites but in my case I’m going to edit the Apache config which effects every website running.

Open Apache config

How to configure mod_remoteip

If you use Cloudflare or another reverse proxy service you’ve probably noticed that your Apache access logs are only recording Cloudflare IP addresses and not real IP addresses of connecting visitors, Cloudflare used to have their own plugin for older versions of Apache and operating systems though as of Ubuntu 18.04 and Debian 9 they’ve decided to stop supporting the Apache module.

The replacement is a module called “mod_remoteip” which is actually extremely easy to install and configure though it did initially take me hours to figure our how to configure the module correctly.