header snippets

How to change the Apache 2 server signature on Debian Etch

Tagged apache2, signature, server, header, disable  Languages apacheconf

Install mod_security, for some stupid reason it's not included in Debian Etch, and for some even more stupid reason you're not allowed to change the value of the Server header.

Anyway, to change the server signature, and enable voodoo magic:

<IfModule mod_security2.c>
    # Basic configuration options
    SecRuleEngine On
    SecRequestBodyAccess On
    SecResponseBodyAccess Off

    # Handling of file uploads
    # TODO Choose a folder private to Apache.
    # SecUploadDir /opt/apache-frontend/tmp/
    SecUploadKeepFiles Off

    # Debug log
    SecDebugLog /var/log/apache2/modsec_debug.log
    SecDebugLogLevel 0

    # Serial audit log
    SecAuditEngine RelevantOnly
    SecAuditLogRelevantStatus ^5
    SecAuditLogParts ABIFHZ
    SecAuditLogType Serial
    SecAuditLog /var/log/apache2/modsec_audit.log

    # Maximum request body size we will
    # accept for buffering
    SecRequestBodyLimit 131072

    # Store up to 128 KB in memory
    SecRequestBodyInMemoryLimit 131072

    # Buffer response bodies of up to
    # 512 KB in length
    SecResponseBodyLimit 524288

    SecServerSignature "Dummy value"

How to set the Expires header with Apache 2 and mod_expires

Tagged apache, expires, mod_expires, header, caching  Languages apacheconf

First you need to enable the mod_expires module:

a2enmod expires

Next add this to your configuration:

ExpiresActive On
# Set Expires header to current time by default
ExpiresDefault A0

<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">
  ExpiresDefault "access plus 30 days"

<FilesMatch "\.(jpg|jpeg|png|gif|swf|bmp|)$">
  ExpiresDefault "access plus 7 days"

<FilesMatch "\.(txt|xml|js|css)$">
  ExpiresDefault "access plus 1 day"

Now restart Apache:

$ sudo /etc/init.d/apache2 force-reload

Check that the proper headers are set with Firebug, Yahoo YSlow or Google Page speed.