Hiding Apache2 header info

Add these to your /etc/apache2/apache2.conf then restart Apache:

LoadModule headers_module /path_to/mod_headers.so
Header unset Server
ServerSignature Off
ServerTokens ProductOnly
Header unset X-Powered-By

Enabling chrooted sftp access for WordPress automatic upgrades

Create wordpress user specifically for the auto update and add the user to the www-data group:

  • sudo adduser wordpress
  • sudo adduser wordpress www-data

chgroup the wordpress dir to the www-data group:

  • sudo chgrp -R www-data /var/www/wordpress

Add the following to /etc/ssh/ssd_config to chroot the wordpress user to the wordpress directory:

Match User wordpress
ChrootDirectory /var/www/wordpress
AllowTCPForwarding no
X11Forwarding no
ForceCommand /usr/lib/openssh/sftp-server

Restart the sshd service:

sudo /etc/init.d/ssh restart

Setup the sftp userid and password in the wordpress settings and select sftp.

Enabling SSL for Apache2 on Ubuntu

Edit /etc/apache2/apache2.conf – add:

LoadModule      ssl_module /usr/lib/apache2/modules/mod_ssl.so

Generate SSL certificates:


Add SSL config and 443 port to a new Virtual Host in apache2.conf – for example:

<VirtualHost *:443>
ServerAdmin your_admin@email.com
DocumentRoot /var/www/your_doc_root
SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile path/to/server.crt
SSLCertificateKeyFile path/to/server.key
ServerName your.server.name
DirectoryIndex index.php

Add a listen port on 443 to /etc/apache2/ports.conf:

NameVirtualHost *:443