Summary: | decrease version reporting verbosity | ||
---|---|---|---|
Product: | Sisyphus | Reporter: | Konstantin Pavlov <thresh> |
Component: | apache | Assignee: | Michael Shigorin <mike> |
Status: | CLOSED FIXED | QA Contact: | qa-sisyphus |
Severity: | enhancement | ||
Priority: | P2 | CC: | at, cas, crux, ender, hiddenman, icesik, lakostis, ldv, mike, mithraen, qa_viy, rider, shaba, solo, viy |
Version: | unstable | ||
Hardware: | all | ||
OS: | Linux | ||
URL: | http://www.onlamp.com/pub/a/apache/2004/09/23/apacheckbk.html |
Description
Konstantin Pavlov
2006-09-25 19:46:08 MSD
(In reply to comment #0)
> There is a proposal to add:
> ServerSignature Off
> ServerTokens ProductOnly
>
> to the default config, as a matter of general paranoia about the system's "degree of protection".

Seconded. No need to advertise what is installed on the machine. Those who are concerned are also advised to use mod_security. (It works for me :) And also expose_php = Off in php.ini, if any.

Added to the first section of httpd.conf:

```
#
# ServerSignature: this allows the configuration of a trailing footer line
# under server-generated documents (error messages, mod_proxy ftp directory
# listings, mod_info output, ...).
#
# ServerTokens: controls whether Server response header field which is sent
# back to clients includes a description of the generic OS-type of the server
# as well as information about compiled-in modules.
#
# In ALT Linux, we came to the conclusion that more verbosity by default is not
# what we want. So we lock down this "information disclosure", but if you
# need it for debug, identification or anything else, feel free to comment
# these out.
ServerSignature Off
ServerTokens ProductOnly
```
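An added example, not part of the bug thread or of the ALT Linux package: a small auditor that reports whether the settings discussed above (`ServerTokens`, `ServerSignature`, and `expose_php`) are actually in effect in a given config text. The function names and sample configs are hypothetical and constructed here; it assumes one flat server config and does not follow `Include` files or `<VirtualHost>` scoping.

```python
import re

# Values used when a directive is absent (documented Apache httpd defaults).
APACHE_DEFAULTS = {"servertokens": "Full", "serversignature": "Off"}
QUIET_TOKENS = {"prod", "productonly"}       # Server header shows only "Apache"
PHP_FALSE = {"off", "0", "false", "no", "none", ""}

def effective_directives(httpd_conf):
    """Last-seen value per directive; commented-out lines never match."""
    seen = dict(APACHE_DEFAULTS)
    for line in httpd_conf.splitlines():
        parts = line.strip().split(None, 1)
        # Directive names are case-insensitive in httpd.conf.
        if len(parts) == 2 and parts[0].lower() in seen:
            seen[parts[0].lower()] = parts[1].strip().strip('"')
    return seen

def expose_php_enabled(php_ini):
    """expose_php defaults to On; the last assignment in php.ini wins."""
    value = "on"
    for line in php_ini.splitlines():
        m = re.match(r"\s*expose_php\s*=\s*([^;]*)", line, re.I)
        if m:
            value = m.group(1).strip().strip('"').lower()
    return value not in PHP_FALSE

def audit(httpd_conf, php_ini=None):
    """Return findings; an empty list means nothing verbose is enabled."""
    d = effective_directives(httpd_conf)
    findings = []
    if d["servertokens"].lower() not in QUIET_TOKENS:
        findings.append("ServerTokens %s: Server header shows more than "
                        "the product name" % d["servertokens"])
    if d["serversignature"].lower() != "off":
        findings.append("ServerSignature %s: generated pages carry a "
                        "server footer" % d["serversignature"])
    if php_ini is not None and expose_php_enabled(php_ini):
        findings.append("expose_php enabled: PHP adds X-Powered-By")
    return findings

# Constructed sample inputs, not taken from any real host.
STOCK_CONF = "#ServerTokens ProductOnly\nServerSignature On\n"
HARDENED_CONF = "ServerSignature Off\nservertokens ProductOnly\n"
PHP_INI = "; constructed sample\nexpose_php = Off ; hide X-Powered-By\n"

if __name__ == "__main__":
    for name, conf in (("stock", STOCK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf, PHP_INI) or "ok")
```

The stock sample is flagged twice: its `ServerTokens` line is commented out, so the default `Full` applies, and `ServerSignature` is `On`.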