Serveur Web Debian 9

  sysadmin
Serveur Web Debian 9
 
### Apache ###
apt install apache2 apache2-mod-php7.0 
 
Vim /etc/apache2/conf-available/security.conf
ServerTokens Full
ServerSignature Off
Header always set X-Content-Type-Options: "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
 
 
### ModSecurity (couche 7) ###
apt install libapache2-mod-security2
cd /etc/modsecurity/ && mv modsecurity.conf-recommended modsecurity.conf
vim /etc/modsecurity/modsecurity.conf
SecRuleEngine On
SecDataDir /var/cache/modsecurity
SecServerSignature Elliot.ftw
cd /usr/share/modsecurity-crs/rules/
ln -s * /etc/modsecurity/crs/
cd /etc/modsecurity
vim crs-setup.conf
SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat
Décommenter le block request-912-DOS-protection
Décommenter le block http Argument / Upload limits
Décommenter le block Forbidden file extension
a2enmod security2
a2enmod headers
systemctl restart apache2.service
### php7 ###
apt install php7.0 php7.0-mysql php7.0-curl php7.0-gd php7.0-intl php7.0-cli php7.0-cgi php7.0-imagick php7.0-imap php7.0-mcrypt php7.0-memcache php7.0-pspell php7.0-recode php7.0-snmp php7.0-sqlite php7.0-tidy php7.0-xmlrpc php7.0-xsl php7.0-imagick imagemagick libruby php7.0-memcached memcached
 
### MariaDB ###
apt install mariadb-client mariadb-server
mysql_secure_installation
 
### phpmyadmin ###
apt install phpmyadmin
## Ajout du script dans /etc/init/ pour start / stop phpmyadmin

[EDIT] Mise à jour de php 7.0 vers php7.3

wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
echo "deb https://packages.sury.org/php/ stretch main" | tee /etc/apt/sources.list.d/php.list
apt update
apt upgrade