httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joseph A Nagy Jr <joseph_a_nagy...@charter.net>
Subject Re: [users@httpd] Removing General Host Config From httpd.conf
Date Thu, 22 May 2003 17:09:08 GMT
Joshua Slive wrote:
> On Thu, 22 May 2003, Joseph A Nagy Jr wrote:
> 
> 
>>suexec: enabled; valid wrapper /usr/sbin/suexec; extra mod's installed
> 
> 
>>BTW, any way to disable suexec? I'd rather not have it enabled (and
>>can't believe it's enabled by default!) without having to just compile
>>from source?
> 
> 
> Sure, just remove the execute and/or setuid bits on /usr/sbin/suexec and
> then restart apache.

Thanks.

> 
> As far as your original question goes, there is no way to answer it
> completely, but it is not something I recommend.  The "server-wide" config
> (the stuff outside any <virtualhost> block) serves as the default config
> that can then be overriden inside the the virtual host.  The best
> technique is to set the server-wide config to something as restrictive as
> possible, then unrestrict it where needed for the virtual hosts.  Just
> removing everything in the server-wide config is not a good idea, because
> then apache will fall back on its defaults.  These defaults are there for
> backward compatibility, and are not always the most secure settings.

Oh. Oh well. I just asked 'cause my httpd.conf is like, over 1500 lines 
long! That's a lot of text to page and search through for specific options.

> 
> Joshua.



-- 
Weilder of the mighty +1 LARTsaber of Unsubscribe!


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message