Typo inside Apache2 security directive ?

Discussion in 'Developers' Forum' started by Nioubee, Feb 11, 2014.

  1. Nioubee

    Nioubee New Member

    I need a confirmation from someone.

    I recently installed a fresh ISPConfig3 system and found a typo.

    Basically it's about the directive "ServerTokens" into the file /etc/apache2/conf.d/security


    Code:
    #
    # ServerTokens
    # This directive configures what you return as the Server HTTP response
    # Header. The default is 'Full' which sends information about the OS-Type
    # and compiled in modules.
    # Set to one of:  Full | OS | Minimal | Minor | Major | Prod
    # where Full conveys the most information, and Prod the least.
    #
    #ServerTokens Minimal
    ServerToken OS
    #ServerTokens Full
    
    Is it a bug from ISPConfig or Debian ?

    For a reason i can't understand I've changed by adding the letter "s" at the end and changed "OS" to "Prod"; it is working, but when i remove the letter "s" at the end of ServerTokens Apache fails to restart.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This file is not managed or altered by ispconfig, you might want to report the issue to debian.
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    I checked the file on my wheezy server, it has this content:

    Code:
    #ServerTokens Minimal
    ServerTokens OS
    #ServerTokens Full
    
    
    and I havent altered that file, its the stock file from debian.
     
  4. Nioubee

    Nioubee New Member

    Thanks,I'll check with another server another time... This is strange because I've never opened that file. I've used a web config tool online that checked my server security and pointed me to that file.

    Thanks.
     

Share This Page