Harden Apache on Ubuntu 18.04

To harden your Apache and Ubuntu installation, I would recommend the following steps are taken:

Step 1) To avoid HTTP DoS, DDoS or Brute Force attack, you should install this module

sudo apt-get install libapache2-mod-evasive
sudo a2enmod evasive
sudo mkdir /var/log/mod_evasive
sudo chown -R www-data:www-data /var/log/mod_evasive

Step 2) ModSecurity is a web application firewall for the Apache web server. In addition to providing logging capabilities, ModSecurity can monitor the HTTP traffic in real time in order to detect attacks. ModSecurity also operates as a web intrusion detection tool, allowing you to react to suspicious events that take place at your web systems.

sudo apt-get install libapache2-mod-security2

Step 3) Do not allow any Apache and Ubuntu Server information to be print on the error pages.

ssudo nano /etc/apache2/conf-enabled/security.conf

Change the following lines as the following :

ServerToken Prod
ServerSignature Off

Step 4) After making these changes you will need to restart Apache server.

sudo systemctl restart apache2.service