Apache Stuff

Hide Apache server version/information,

ServerSignature Off
ServerTokens Prod


Show custom error messages, do for common or well known error codes,

ErrorDocument 400 /myerrorpage.html
ErrorDocument 401 /myerrorpage.html
ErrorDocument 403 /myerrorpage.html
ErrorDocument 404 /myerrorpage.html
ErrorDocument 405 /myerrorpage.html
ErrorDocument 500 /myerrorpage.html


Allow only known versions of HTTP protocol,

RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/(0\.9|1\.[01])$
RewriteRule .* - [F]


Reduce the timeout in Apache

Default is 300 seconds (5 minutes), safe to reduce this to 60 seconds.  Also, KeepAlive should be on but also reduce its timeout.
Timeout 60
KeepAlive On
KeepAliveTimeout 25


Hide the PHP version

Find the php.ini file and look for,
expose_php=ON
change it to,
expose_php=Off


Protect from Cross Site Scripting

<IfModule mod_headers.c>
    Header set X-XSS-Protection: "1; mode=block"
</IfModule>

CentOS 7 services

Start service,
systemctl start NAME.SERVICE

Stop service,
systemctl stop NAME.SERVICE

Status,
systemctl status NAME.SERVICE   , add -l for more information


Enable the service so it starts at startup / boot
systemctl enable NAME.SERVICE

CentOS 7 run level info

Run levels in CentOS 7 are not set in /etc/inittab anymore.  Systemd uses targets instead of run levels.  You can change the default run level by using the systemctl command or making symlinks.


Check the current run level
systemctl get-default


Check available targets
systemctl list-units --type=target


Change default to run level 3
systemctl set-default multi-user.target


Change default to run level 5
systemctl set-default graphical.target


Using SymLinks

run level 3, ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target

run level 5, ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target