httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] HTTP header fields
Date Mon, 06 Dec 2010 19:02:56 GMT
On Mon, Dec 6, 2010 at 1:56 PM, J.Lance Wilkinson <jlw12@psulias.psu.edu> wrote:
> Eric Covener wrote:
>>
>> On Mon, Dec 6, 2010 at 1:42 PM, Dave Stevens <geek@uniserve.com> wrote:
>
>> ....
>>>
>>> Well, I hadn't, but it seems as if from a security point of view it might
>>> not
>>> be a bad idea. Is there any history or discussion on that? or perhaps a
>>> reference I can read up on?
>>
>> http://httpd.apache.org/docs/current/mod/core.html#servertokens
>>
>> There hasn't been much discussion that the info should be hidden by
>> default.
>>
>
>        Well, under the theory that letting a "hacker" know anything about the
>        platform they may be trying to infiltrate gives them useful information


Sorry, I meant discussion beyond this obvious implication of the default value.

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message