84063 – net-www/apache-2.0.52-r1: change setting of ServerTokens in commonapache2.conf

Bug 84063 - net-www/apache-2.0.52-r1: change setting of ServerTokens in commonapache2.conf

Summary: net-www/apache-2.0.52-r1: change setting of ServerTokens in commonapache2.conf

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Apache Team - Bugzilla Reports

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-03-04 02:29 UTC by Toralf Förster
Modified:	2005-04-21 04:06 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Toralf Förster gentoo-dev

2005-03-04 02:29:10 UTC

nhh221 /etc/apache2/conf # grep ServerTokens commonapache2.conf
### ServerTokens
ServerTokens Full

I wonder whether the setting:
ServerTokens Prod

instead of "Full" is more secure ?

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Elfyn McBratney (beu) (RETIRED) gentoo-dev

2005-03-13 20:28:58 UTC

Full is the default upstream, but I would be in favour of this change.  Anyone against changing ServerTokens to 'Prod' ?

Comment 2 Robin Johnson archtester

2005-03-13 21:54:33 UTC

This is only security by obscurity, but I've got no solid objections against it (as can tweak it anyway).

Comment 3 Benedikt Böhm (RETIRED) gentoo-dev

2005-04-21 04:06:46 UTC

in cvs