Remove Apache server signature from footer

By default error pages served by Apache2 contain a line at the bottom, stating version of Apache, OS etc.

If you want it gone, edit /etc/apache/apache2.conf:

  • Add a line:
ServerSignature Off
  • Reload the new configuration:

service apache2 reload

 

P.S. While you are at it you may also add this to tell server not to share more information about itself than necessary:

ServerTokens ProductOnly

 


Prevent Apache from listing files in directory

One way to prevent automatic directory listing with Apache2 is to disable its autoindex module (results in: 403 Forbidden):

  • sudo a2dismod autoindex
  • service apache2 restart

To enable it later again:

  • sudo a2enmod autoindex
  • service apache2 restart

Another way is to edit Apache2 main configuration file /etc/apache2/apache2.conf (results in: 404 Not Found):

  • Find the section which looks like the one below

<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>

  • Remove the word "Indexes":
  • service apache2 reload

UTF-8 from MySQL does not show correctly in PHP

The data you have in MySQL is all in UTF-8, you have UTF-8 specified in your HTML, PHP is set up to use UTF-8, but you still get gibberish as output, with question marks showing up on screen instead of correct symbols.

The problem may be that the communication between MySQL and PHP is not happening in UTF-8.

Try telling “SET NAMES ‘utf8′” to MySQL when you initiate the connection, before you run any other queries.

For example, as soon as you establish the connection to database, run this in your script:

mysqli_query( $conection, “SET NAMES ‘utf8′” );


Change phpMyAdmin logo

The easiest way to change phpAdmin logo is to replace logo images of the current theme:

  • Login screen: /usr/share/phpmyadmin/themes/pmahomme/img/logo_right.png
  • Worklpace screen: /usr/share/phpmyadmin/themes/pmahomme/img/logo_left.png

Removing comments from PHP

Sometimes it is enough to remove comments from your PHP code to make it not worth stealing, as a potential violator will spend more time figuring out what did you mean by all that, than writing his own version of the software to do the same job.

This very simple solution, based on an example in a forum here, does that for all files in the directory and its subdirectories.

  • find . -type f -name '*.php' | while read VAR; \
    do mv $VAR "$VAR-old"; php -wq "$VAR-old" > $VAR ; \
    unlink "$VAR-old"; done

Unlike obfuscators, it does not mess with your actual code.

The php options engaged here are:

-w             Output source with stripped comments and whitespace

-q             Quiet-mode. Suppress HTTP header output (CGI only).


Securing phpMyAdmin

The things you can do to make your phpMyAdmin less vulnerable to attack:

1. Call it something else.

Normally it is accessed by its alias /phpmyadmin, as defined in the /etc/apache2/conf-enabled/phpmyadmin.conf.

Edit it and rename the alias to something else, something hard for an attacked to guess. You can use apg to generate a random name for it. Restart Apache after you are done.

2. Restrict access to a particular range of addresses

You may chose to allow only local access from localhost, or allow access from the range of your VPN.

Remember that Apache configuration syntax changed as of version is 2.4, so now you have to use Require instead of Order Deny,Allow.

To find out your version:

apachectl -V | grep ‘Server version’

To limit access to phpMyAdmin to allow only connections from localhost and VPN:

Right after the tag add:

Require ip 127.0.0.1
Require ip 10.8.0.0/24

Be aware that anybody who attempts to connect phpMyAdmin form any other address will see a message

“Forbidden

You don’t have permission to access […] on this server.”

To avoid that you can rename the alias as described above

 


Reset filters in LibreOffice

You may experience a situation where may not be able to reset filters in LibreOffice, with the Data -> More filters -> Reset all.

Use the alternative way by directly ordering the rows to be shown by Format -> Row -> Show.