[hcoop/zz_old/config/apache2.git] / conf.d / security

#
# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
# Debian packages. It will be made the default for the release after lenny.
#
<Directory />
	AllowOverride None
	Order Deny,Allow
	Deny from all
</Directory>


# Changing the following options will not really affect the security of the
# server, but might make attacks slightly more difficult in some cases.

#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of:  Full | OS | Minimal | Minor | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Minimal
#ServerTokens Full

#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of:  On | Off | EMail
#
#ServerSignature Off
ServerSignature On

#
# Allow TRACE method
#
# Set to "extended" to also reflect the request body (only for testing and
# diagnostic purposes).
#
# Set to one of:  On | Off | extended
#
TraceEnable Off
#TraceEnable On
Commit	Line	Data
64803503	1	#
	2	# Disable access to the entire file system except for the directories that
	3	# are explicitly allowed later.
	4	#
	5	# This currently breaks the configurations that come with some web application
	6	# Debian packages. It will be made the default for the release after lenny.
	7	#
	8	<Directory />
	9	AllowOverride None
	10	Order Deny,Allow
	11	Deny from all
	12	</Directory>
	13
	14
	15	# Changing the following options will not really affect the security of the
	16	# server, but might make attacks slightly more difficult in some cases.
	17
	18	#
	19	# ServerTokens
	20	# This directive configures what you return as the Server HTTP response
	21	# Header. The default is 'Full' which sends information about the OS-Type
	22	# and compiled in modules.
	23	# Set to one of: Full \| OS \| Minimal \| Minor \| Major \| Prod
	24	# where Full conveys the most information, and Prod the least.
	25	#
	26	ServerTokens Minimal
	27	#ServerTokens Full
	28
	29	#
	30	# Optionally add a line containing the server version and virtual host
	31	# name to server-generated pages (internal error documents, FTP directory
	32	# listings, mod_status and mod_info output etc., but not CGI generated
	33	# documents or custom error documents).
	34	# Set to "EMail" to also include a mailto: link to the ServerAdmin.
	35	# Set to one of: On \| Off \| EMail
	36	#
	37	#ServerSignature Off
	38	ServerSignature On
	39
	40	#
	41	# Allow TRACE method
	42	#
	43	# Set to "extended" to also reflect the request body (only for testing and
	44	# diagnostic purposes).
	45	#
	46	# Set to one of: On \| Off \| extended
	47	#
	48	TraceEnable Off
	49	#TraceEnable On
	50