You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2009/09/02 14:22:33 UTC

svn commit: r810477 - /httpd/httpd/trunk/docs/manual/mod/core.xml

Author: jim
Date: Wed Sep  2 12:22:32 2009
New Revision: 810477

URL: http://svn.apache.org/viewvc?rev=810477&view=rev
Log:
doccos for soon to be reverted code.

Modified:
    httpd/httpd/trunk/docs/manual/mod/core.xml

Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=810477&r1=810476&r2=810477&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/core.xml Wed Sep  2 12:22:32 2009
@@ -2862,7 +2862,7 @@
 <name>ServerTokens</name>
 <description>Configures the <code>Server</code> HTTP response
 header</description>
-<syntax>ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</syntax>
+<syntax>ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full|Off|Set</syntax>
 <default>ServerTokens Full</default>
 <contextlist><context>server config</context></contextlist>
 
@@ -2873,10 +2873,10 @@
     information about compiled-in modules.</p>
 
     <dl>
-      <dt><code>ServerTokens Off</code></dt>
+      <dt><code>ServerTokens Full</code> (or not specified)</dt>
 
-      <dd>Server sends no <code>Server:</code> header
-      (and <code>SERVER_SOFTWARE</code> is blank)</dd>
+      <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41
+      (Unix) PHP/4.2.2 MyMod/1.2</code></dd>
 
       <dt><code>ServerTokens Prod[uctOnly]</code></dt>
 
@@ -2911,10 +2911,11 @@
       there are any embedded spaces.
       </dd>
 
-      <dt><code>ServerTokens Full</code> (or not specified)</dt>
+      <dt><code>ServerTokens Off</code></dt>
+
+      <dd>Server sends no <code>Server:</code> header
+      (and <code>SERVER_SOFTWARE</code> is blank)</dd>
 
-      <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41
-      (Unix) PHP/4.2.2 MyMod/1.2</code></dd>
     </dl>
 
     <p>This setting applies to the entire server, and cannot be
@@ -2923,6 +2924,14 @@
     <p>After version 2.0.44, this directive also controls the
     information presented by the <directive
     module="core">ServerSignature</directive> directive.</p>
+    
+    <note>Setting <directive>ServerTokens</directive> to less than
+    <code>minimal</code> is not recommended because it makes it more
+    difficult to debug interoperational problems. Also note that
+    disabling the Server: header does nothing at all to make your
+    server more secure; the idea of "security through obscurity"
+    is a myth and leads to a false sense of safety.</note>
+
 </usage>
 <seealso><directive module="core">ServerSignature</directive></seealso>
 </directivesynopsis>