{"id":24592,"date":"2022-01-06T07:58:24","date_gmt":"2022-01-05T22:58:24","guid":{"rendered":"https:\/\/www.souichi.club\/?p=24592"},"modified":"2022-03-19T17:17:00","modified_gmt":"2022-03-19T08:17:00","slug":"apache-http-server","status":"publish","type":"post","link":"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/","title":{"rendered":"Apache HTTP Server vulnerability countermeasure upgraded to v2.4.52"},"content":{"rendered":"\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_79_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-69dbf7efae66f\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #454e5c;color:#454e5c\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #454e5c;color:#454e5c\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-69dbf7efae66f\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Apache_HTTP_Server\" >Apache HTTP Server<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Environment\" >Environment<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Version_Up_Procedure\" >Version Up Procedure<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Checking_the_current_version\" >Checking the current version<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Check_the_installable_version\" >Check the installable version<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Updating_the_package_list\" >Updating the package list<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Check_again\" >Check again<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Updating_the_package_list-2\" >Updating the package list<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Upgrading_apache2\" >Upgrading apache2<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Check_the_version\" >Check the version<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Restarting_Apache\" >Restarting Apache<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.souichi.club\/en\/technology\/apache-http-server\/#Confirmation\" >Confirmation<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Apache_HTTP_Server\"><\/span>Apache HTTP Server<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>There was an article about a vulnerability in Apache HTTP Server with a maximum severity of High, and that we should upgrade to v2.4.52.<\/p>\n\n\n\n<p>This blog is running on AWS EC2 (Elastic Compute Cloud) with Ubuntu 18.04 and WordPress.<\/p>\n\n\n\n<p>The web server uses Apache, so I found out that it is affected and decided to upgrade.<\/p>\n\n\n\n<p>The other day, I had to deal with the <a href=\"https:\/\/www.souichi.club\/en\/m5stack\/arduino-ide-v20\/\" target=\"_blank\" rel=\"noreferrer noopener\">Log4j vulnerability in the Arduino IDE<\/a>.<\/p>\n\n\n\n<p>The <a href=\"https:\/\/downloads.apache.org\/httpd\/Announcement2.4.html\" target=\"_blank\" rel=\"noreferrer noopener\">2.4.52 version is available here<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-01.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-01.png?resize=953%2C435&#038;ssl=1\" alt=\"Apache HTTP Server 2.4.52\" class=\"wp-image-24508\" width=\"953\" height=\"435\" srcset=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-01.png?w=1906&amp;ssl=1 1906w, https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-01.png?resize=768%2C350&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-01.png?resize=1536%2C700&amp;ssl=1 1536w\" sizes=\"auto, (max-width: 953px) 100vw, 953px\" \/><\/a><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Environment\"><\/span>Environment<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The environment is as follows.<\/p>\n\n\n<figure class=\"wp-block-table is-style-regular\">\n<table class=\"r_table01\">\n<tbody>\n<tr>\n<td class=\"r_td30\">\n<p>Server<\/p>\n<\/td>\n<td>\n<p>AWS\uff08Amazon Web Services\uff09<\/p>\n<p>Instance type : t2.small<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p>Server OS<\/p>\n<\/td>\n<td>\n<p>Ubuntu Server 18.04 LTS<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p>CMS<\/p>\n<\/td>\n<td>\n<p>WordPress 5.8.2<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p>Apache<\/p>\n<\/td>\n<td>\n<p>2.4.29 \u2192 2.4.52 (Version up)<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Version_Up_Procedure\"><\/span>Version Up Procedure<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Checking_the_current_version\"><\/span>Checking the current version<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Login to the server with terminal software and check the current version with the following command.<\/p>\n\n\n<pre><code class=\"lang-shell\">apache2 -v<\/code><\/pre>\n\n\n<p> v2.4.29 was installed.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-02.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-02.png?resize=559%2C391&#038;ssl=1\" alt=\"v2.4.29 was installed.\" class=\"wp-image-24509\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Check_the_installable_version\"><\/span>Check the installable version<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Check the installable version registered in the repository.<\/p>\n\n\n<pre><code class=\"lang-shell\">sudo apt show apache2<\/code><\/pre>\n\n\n<p>The already installed v2.4.29 was displayed.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-03.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-03.png?resize=559%2C391&#038;ssl=1\" alt=\"2.4.29\" class=\"wp-image-24510\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Updating_the_package_list\"><\/span>Updating the package list<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Use the following command to add the repository and update the package list.<\/p>\n\n\n<pre><code class=\"lang-shell\">sudo add-apt-repository ppa:ondrej\/apache2<\/code><\/pre>\n\n\n<p>It will stop in the middle, so press Enter to continue the process.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-04.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-04.png?resize=559%2C391&#038;ssl=1\" alt=\"Update the package\" class=\"wp-image-24511\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<p>The repository has been added and the package list has been updated.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-05.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-05.png?resize=559%2C391&#038;ssl=1\" alt=\"\u30d1\u30c3\u30b1\u30fc\u30b8\u30ea\u30b9\u30c8\u304c\u66f4\u65b0\u3055\u308c\u305f\" class=\"wp-image-24512\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Check_again\"><\/span>Check again<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Again, check the installable version with the following command.<\/p>\n\n\n<pre><code class=\"lang-shell\">sudo apt show apache2<\/code><\/pre>\n\n\n<p>This time, v2.4.52 was the target.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-06.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-06.png?resize=559%2C391&#038;ssl=1\" alt=\"Targeted for 2.4.52\" class=\"wp-image-24513\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Updating_the_package_list-2\"><\/span>Updating the package list<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>The first step is to update the package list.<\/p>\n\n\n<pre><code class=\"lang-shell\">sudo apt-get update<\/code><\/pre>\n\n\n<p>Updated.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-07.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-07.png?resize=559%2C391&#038;ssl=1\" alt=\"Update the package list\" class=\"wp-image-24514\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Upgrading_apache2\"><\/span>Upgrading apache2<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Use the following command to upgrade (install) apache2.<\/p>\n\n\n<pre><code class=\"lang-shell\">sudo apt-get install apache2<\/code><\/pre>\n\n\n<p>When prompted to continue, enter y.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-08.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-08.png?resize=559%2C391&#038;ssl=1\" alt=\"enter y\" class=\"wp-image-24515\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<p>Installed.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-09.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-09.png?resize=559%2C391&#038;ssl=1\" alt=\"Installed.\" class=\"wp-image-24516\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Check_the_version\"><\/span>Check the version<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Again, use the following command to check the version.<\/p>\n\n\n<pre><code class=\"lang-shell\">apache2 -v<\/code><\/pre>\n\n\n<p>It has been upgraded to v2.4.52.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-10.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-10.png?resize=559%2C391&#038;ssl=1\" alt=\"It has been upgraded to v2.4.52.\" class=\"wp-image-24517\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Restarting_Apache\"><\/span>Restarting Apache<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Restart Apache with the following command.<\/p>\n\n\n<pre><code class=\"lang-shell\">sudo systemctl restart apache2<\/code><\/pre>\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a class=\"r_image\" href=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-11.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-11.png?resize=559%2C391&#038;ssl=1\" alt=\"Restarting Apache\" class=\"wp-image-24519\" width=\"559\" height=\"391\"\/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Confirmation\"><\/span>Confirmation<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Just to be sure, I checked that the page would display as it should.<\/p>\n\n\n\n<p>Before running it in the production environment, I built a virtual environment using VirtualBox and tested it beforehand in that environment.<\/p>\n\n\n\n<p>This concludes this article.<\/p>\n\n\n<div class=\"postscript_balloon\">Finally.<\/div>\n\n\n<p>I hope this article will be useful to someone somewhere.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apache HTTP Server was found to have a vulnerability with a maximum severity of High, so it was upgraded from 2.4.29 to 2.4.52.<\/p>\n","protected":false},"author":5,"featured_media":24508,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_locale":"en_US","_original_post":"https:\/\/www.souichi.club\/?p=24506","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[54],"tags":[],"class_list":["post-24592","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","en-US"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.souichi.club\/wp-content\/uploads\/apache-http-server-01.png?fit=1906%2C869&ssl=1","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/posts\/24592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/comments?post=24592"}],"version-history":[{"count":7,"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/posts\/24592\/revisions"}],"predecessor-version":[{"id":24602,"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/posts\/24592\/revisions\/24602"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/media\/24508"}],"wp:attachment":[{"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/media?parent=24592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/categories?post=24592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.souichi.club\/wp-json\/wp\/v2\/tags?post=24592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}