Add security hardening for shared hosting environments

Improve session cookie security with HttpOnly and SameSite attributes
Add security headers via .htaccess
Block direct access to sensitive files
Restrict allowed HTTP methods
Document cPanel-specific security configuration
Add container hardening for ServerTokens and ServerSignature
Ruben 2026-02-10 23:02:57 +01:00
parent f2dc4ec647
commit 3b04a3d78c
6 changed files with 121 additions and 2 deletions

@ -1,11 +1,15 @@
FROM php:8.4.14-apache
# Enable Apache modules and custom config as root during build
RUN a2enmod rewrite
RUN a2enmod rewrite headers
COPY apache.conf /etc/apache2/conf-available/custom.conf
RUN a2enconf custom
# Override default security.conf settings
RUN sed -i 's/^ServerTokens OS/ServerTokens Prod/' /etc/apache2/conf-available/security.conf \
&& sed -i 's/^ServerSignature On/ServerSignature Off/' /etc/apache2/conf-available/security.conf
# Log to /proc/self/fd for container output
RUN sed -i 's|ErrorLog.*|ErrorLog /proc/self/fd/2|' /etc/apache2/sites-available/000-default.conf \
&& sed -i 's|CustomLog.*|CustomLog /proc/self/fd/1 combined|' /etc/apache2/sites-available/000-default.conf \
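Review bot: the two substitutions on security.conf (`s/^ServerTokens OS/ServerTokens Prod/` and `s/^ServerSignature On/ServerSignature Off/`) only take effect when the file contains exactly those default lines, and `sed -i` exits 0 when nothing matches, so a base image whose security.conf differs would still build cleanly with the server banner unchanged. Match the directive regardless of its current value, for example `s/^ServerTokens .*/ServerTokens Prod/`, and follow it in the same RUN with a `grep -q '^ServerTokens Prod'` (and the equivalent for ServerSignature) so the build fails if the hardened setting is not present.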