- Bind to internal interfaces when possible.
- Restrict admin endpoints to trusted IPs.
- Use TLS and disable legacy ciphers.
- Disable unused modules.
- Set
ServerTokens Prod and ServerSignature Off.
- Remove default vhosts and sample content.
- Use strict
Allow/Deny or Require rules.
- Disable directory listing if not needed.
- Run as a dedicated user.
- Keep Apache and modules updated.
Do you need help or support? Feel free to contact us!