conf.d/security

   1 #
   2 # Disable access to the entire file system except for the directories that
   3 # are explicitly allowed later.
   4 #
   5 # This currently breaks the configurations that come with some web application
   6 # Debian packages. It will be made the default for the release after lenny.
   7 #
   8 <Directory />
   9         AllowOverride None
  10         Order Deny,Allow
  11         Deny from all
  12 </Directory>
  13
  14
  15 # Changing the following options will not really affect the security of the
  16 # server, but might make attacks slightly more difficult in some cases.
  17
  18 #
  19 # ServerTokens
  20 # This directive configures what you return as the Server HTTP response
  21 # Header. The default is 'Full' which sends information about the OS-Type
  22 # and compiled in modules.
  23 # Set to one of:  Full | OS | Minimal | Minor | Major | Prod
  24 # where Full conveys the most information, and Prod the least.
  25 #
  26 ServerTokens Minimal
  27 #ServerTokens Full
  28
  29 #
  30 # Optionally add a line containing the server version and virtual host
  31 # name to server-generated pages (internal error documents, FTP directory
  32 # listings, mod_status and mod_info output etc., but not CGI generated
  33 # documents or custom error documents).
  34 # Set to "EMail" to also include a mailto: link to the ServerAdmin.
  35 # Set to one of:  On | Off | EMail
  36 #
  37 #ServerSignature Off
  38 ServerSignature On
  39
  40 #
  41 # Allow TRACE method
  42 #
  43 # Set to "extended" to also reflect the request body (only for testing and
  44 # diagnostic purposes).
  45 #
  46 # Set to one of:  On | Off | extended
  47 #
  48 TraceEnable Off
  49 #TraceEnable On
  50