外部機関の脆弱性診断を受けて対応した

# Log in to the web server being remediated ("hoge" looks like a placeholder host name).
ssh hoge

ディレクトリリスティング無効化

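# Keep a pristine copy before editing. -p preserves mode, ownership and
# timestamps, so the backup can be restored as-is and compared with the edited file.
cp -p /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.orig
vim /etc/httpd/conf/httpd.conf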
# Directory Listing Denied
# Indexes is dropped from Options for /var/www/icons, so a request for the
# directory itself no longer returns an auto-generated file listing.
# NOTE(review): only this <Directory> block is shown here. Other <Directory>
# blocks have their own Options lines; confirm none of them still lists Indexes.
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
    # Previous value, kept for reference:
    # Options  MultiViews Indexes FollowSymLinks
    Options  MultiViews FollowSymLinks
    # AllowOverride None: .htaccess files under this directory are ignored,
    # so they cannot switch Indexes back on.
    AllowOverride None
    # NOTE(review): Order/Allow is the Apache 2.2 access-control syntax; on
    # httpd 2.4 it only works through mod_access_compat — confirm the module is loaded.
    Order allow,deny
    Allow from all
</Directory>
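systemctl status httpd
# Validate the edited configuration first: restarting with a syntax error
# would leave httpd stopped.
apachectl configtest && systemctl restart httpd
systemctl status httpd
# Afterwards, confirm that a request for /icons/ no longer returns a file listing.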

TLSv1.0無効化

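# Keep a pristine copy before editing. -p preserves mode, ownership and timestamps.
# NOTE(review): the backup lives inside conf.d; the .orig suffix should keep it
# from being loaded, assuming conf.d is included with a *.conf pattern — confirm.
cp -p /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.orig
vim /etc/httpd/conf.d/ssl.conf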
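#   SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
# SSLProtocol all -SSLv2
# Remove TLSv1.0. "all" can also include SSLv3 (unless OpenSSL was built
# without it), so SSLv3 is excluded explicitly as well.
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
# TLSv1.1 is deprecated together with TLSv1.0 (RFC 8996). Once client
# compatibility is confirmed, prefer an allow-list, which cannot pick up an
# old protocol implicitly:
# SSLProtocol -all +TLSv1.2
# Alternatives left commented out by the author:
# SSLProtocol -ALL -SSLv2 +TLSv1 +TLSv1.1 +TLSv1.2
# SSLProtocol -ALL -SSLv2 +TLSv1.1 +TLSv1.2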
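systemctl status httpd
# Validate the edited configuration first: restarting with a syntax error
# would leave httpd stopped.
apachectl configtest && systemctl restart httpd
systemctl status httpd
# Afterwards, confirm from a client that a TLSv1.0 handshake is refused, e.g.
#   openssl s_client -connect <host>:443 -tls1
# (the handshake should fail; the local openssl must itself still support TLSv1.0).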

不要コンテンツの削除

# web.config is an IIS/ASP.NET configuration file that Apache does not interpret.
# Presumably it was flagged because it sat in the public directory, where it
# could be downloaded as a static file — confirm against the assessment report.
# NOTE(review): if the file comes from the application's repository or deploy
# package, remove it there too so a later deploy does not restore it.
rm path/to/public/web.config

参考