httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: server-status and privacy
Date Wed, 23 Jun 2010 15:49:04 GMT

On Jun 21, 2010, at 1:07 PM, Jeff Trawick wrote:

> On Mon, Jun 21, 2010 at 8:40 AM, Jim Jagielski <jim@jagunet.com> wrote:
>> There have been a few reports regarding how server-status "leaks"
>> info, mostly about our (the ASF's) open use of server-status and
>> how IP addresses are exposed.
>> 
>> I'm thinking about a patch that adjusts server-status/mod_status
>> to have a "public vs. private" setting... Public would be to
>> have IP addresses exposed as public info; private would be to
>> not expose 'em (keep 'em private).
> 
> use mod_sed or similar on apache.org to change the client IP address
> field to "?"
> 

True... so I'm guessing this means that the patch would
be unacceptable?

Mime
View raw message