Web Server Security task marked failed!

Dear @Inderpreet @kodekloud-support3

Please check, I am sure I got this one right.

The task had two parts on stapp01,

  1. The first one is to disable the Apache Server from exposing its version and OS of the server to any remote client connecting to Apache. - This worked with no error/issue.

  2. To disable directory listing of the web site root ie /var/www/html/blog

My steps to the solution
a. Changed the AllowOverride None to AllowOverride All in /etc/httpd/conf/httpd.conf
b. Created the .htaccess file on /var/www/html/blog directory
c. Added the line “Options -Indexes” without quotations in .htaccess file.
d. Restarted the Apache service
e. Verified the Apache service to be running.

I am getting an error saying directory is not disabled!

Regards,
Salim Rashid

Hi,

Can some one responded please @Inderpreet @kodekloud-support3

Thanks.

Hi @Salim

Please note that you changed AllowOverride None to AllowOverride All for <Directory "/var/www">

<Directory "/var/www">
    AllowOverride None
    # Allow open access:
    Require all granted
</Directory> 

Since default document root i.e <Directory "/var/www/html"> do have its own section to manage these settings so you should have made these changes under <Directory "/var/www/html"> instead. Your htaccess changes were not considered at all.

I hope its clear to you now why this task failed for you.

Hi @Inderpreet

Thanks. Yes I understand the change is supposed to be on the document root. I am just asking my self why I changed the other directory :frowning_face: I think I’ll have to be more careful the next time I am editing the files.

1 Like

Don’t worry @Salim
Good luck for upcoming tasks.

This is 2nd time my task failed…what am i doing wrong…

i also added Change added Options Indexes FollowSymLinks in

<Directory /var/www/html/>

Have you cross checked?

@labheshp did you enabled AllowOverride settings in Apache config so that your .htaccess could be used ?

@Inderpreet yes i did .

but i kept the original as is

Am i suppose to edit and overirde that in apache config?

Turn off directory listing just for the specified directory
<Directory “/var/www/html/media”>

@Inderpreet and others please see is it correct and can i submit the task.

Task:
web security_task question

Step1: edited httpd config file vi /etc/httpd/conf/httpd.conf as below

web security_3

Step2: created .htaccess file under /var/www/html/news and added “Options -Indexes” in the file.

web security_2

Step3: restarted httpd and made sure that httpd is running.

Is their any way to verify my activity is correct?
If not can i go ahead and submit hoping it is correct.

Thanks,
Yogendra

Check in Display port section. It will show you web page. If you did correct then it will not show you apache web server version.

Hi @player001 thanks for replying.

Could you please guide me where exactly i need to verify, i am not sure Display port section means. Kindly assist.

Thanks,
Yogendra

In the Web preview section right? that section have Select Port to view Host 1. This option will show you page after giving Port input in blank box.

@yogendra are you able to complete the task?

if yes kindly help
i just don’t understand what the steps to be done for Q.no a.

thanks

Hi @karthikms

I have worked as mentioned in my snips above, unfortunately i ended up with result as Task Failed.
Please do some more research from your end (i was able to do only as above) and try to perform, all the best.

Regards,
Yogendra

i think you were supposed to do All access granted . i think thats where you went wrong.

thanks @yogendra

I tired to access the " Select Port to view Host 1" and choose the port number as 8080…but still I’m getting view of Quiz question page…which port number should i give the view the apache web page

@Salim @devops503 @Inderpreet @player001

Hi All,

As part of this task.

Before updating the httpd.conf.

I added the below commands towards the end of httpd.conf.

other than this changes, I didn’t do any other changes. the task was failed after submitted.


let me know where did I go wrong. Thank you!
Swaroop

Please take a look to