====== Apache ======

===== Hide server info =====
<code apache>
Header unset Server

ServerSignature Off
ServerTokens Prod
</code>

===== Redirect =====

Redirect with htaccess
<code apache>
# permanent
Redirect 301 /google http://www.google.com/
# temporary
Redirect 302 /google http://www.google.com/
# redirent home
RewriteEngine On
RedirectMatch 301 ~.+ http://example.com/$0
</code>

User dir redirect
<code apache>
<IfModule mod_userdir.c>
    UserDir http://example.com~*/
</IfModule>
</code>


===== SSLEngine =====

如果出現以下，

<code>
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration
</code>

表示 ssl module 沒有安裝或啟用

==== CentOS ====

<code bash>
yum search apache ssl
yum install mod_ssl
</code>

確認 mode_ssl 有在
modules/mod_ssl.so

而且以下有在 conf.d/ssl.conf 中
LoadModule ssl_module modules/mod_ssl.so

==== Debian/Ubuntu/Suse ====

啟用方式，以下指令會建立連結檔
<code bash>
a2enmod ssl
# ln -s /etc/apache2/mods-{available,enabled}/ssl.load; ln -s /etc/apache2/mods-{available,enabled}/ssl.conf
</code>

===== Redirect to ssl if not a old browser =====
<code apache>
# http://serverfault.com/questions/389806/redirect-to-ssl-only-if-browser-supports-sni
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} !MSIE\ [5-8]
RewriteCond %{HTTP_USER_AGENT} !Android.*(Mobile)?\ [0-3]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</code>

ref:

http://unix.stackexchange.com/questions/124137/change-apache-httpd-server-http-header

https://donjajo.com/modify-apache-servertokens-custom-value-using-mod_security-module/