如何保护我的apache2服务器免受反DNS固定和反DNS重新绑定?
我在公司中工作,在那儿通知安全很重要,但他们只能在一个平台上进行测试并告诉我问题出在哪里(
我是前端用户,不知道如何保护服务器(我很希望您能提供建议并向我显示正确的路径!非常感谢!)
这是我的
site.name.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName site.name
ServerAlias site.name
DocumentRoot /data/edu3/public
<Directory /data/edu3/>
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/apache2/options-ssl-apache.conf
SSLCertificateFile /data/ssl/u1.crt
SSLCertificateKeyFile /data/ssl/u1.key
</VirtualHost>
<VirtualHost *:443>
ServerName catchall
<Location />
Order allow,deny
Deny from all
</Location>
</VirtualHost>
</IfModule>
<VirtualHost 10.224.32.10:80>
ServerAdmin webmaster@localhost
ServerName site.name
DocumentRoot /data/edu3/public
<Directory /data/edu3/>
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost _default_:*>
ServerName catchall
<Location />
Order allow,deny
Deny from all
</Location>
</VirtualHost>
<VirtualHost 10.224.32.10:80>
ServerName catchall
<Location />
Order allow,deny
Deny from all
</Location>
</VirtualHost>