Hiding Apache Data and Implementing Safeguards
The objective of this lab is to implement a series of safeguards to the existing Apache instance. First you will need to implement DOS and DDOS protection in terms of the Apache configuration. You will also need to implement clickjacking attack protection, implement cross-site scripting protection, prevent server-side includes, specify allowed request methods, disable HTTP 1.0 protocol, prevent the following of symbolic links and make sure you do not volunteer server information via server banner and ETag. Keep in mind that firewalld is already running, SSH is port 61613, Apache is already running on port 80, SELinux is in enforcing mode and the frontend and backend are both up and running.