You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by da...@apache.org on 2018/04/13 08:44:28 UTC
[cloudstack] branch 4.11 updated: CLOUDSTACK-10304: turn off
apache2 server tokens and signature in systemvms (#2563)
This is an automated email from the ASF dual-hosted git repository.
dahn pushed a commit to branch 4.11
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.11 by this push:
new e71d4d4 CLOUDSTACK-10304: turn off apache2 server tokens and signature in systemvms (#2563)
e71d4d4 is described below
commit e71d4d4371fdf1595bb42f152ec544243f2087f2
Author: Rohit Yadav <ro...@apache.org>
AuthorDate: Fri Apr 13 14:14:25 2018 +0530
CLOUDSTACK-10304: turn off apache2 server tokens and signature in systemvms (#2563)
* systemvm: turn off apache2 server tokens and signature
This turns off apache2 server version signature/token in headers.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
* systemvm: remove invalid code as conf.d is not available now
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/etc/apache2/conf-enabled/security.conf | 3 +++
systemvm/debian/opt/cloud/bin/setup/common.sh | 3 ---
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/systemvm/debian/etc/apache2/conf-enabled/security.conf b/systemvm/debian/etc/apache2/conf-enabled/security.conf
new file mode 100644
index 0000000..498d147
--- /dev/null
+++ b/systemvm/debian/etc/apache2/conf-enabled/security.conf
@@ -0,0 +1,3 @@
+ServerTokens Prod
+ServerSignature Off
+TraceEnable Off
diff --git a/systemvm/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
index a84d881..e24a277 100755
--- a/systemvm/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -496,9 +496,6 @@ clean_ipalias_config() {
setup_apache2_common() {
sed -i 's/^Include ports.conf.*/# CS: Done by Python CsApp config\n#Include ports.conf/g' /etc/apache2/apache2.conf
- [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerTokens .*/ServerTokens Prod/g" /etc/apache2/conf.d/security
- [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerSignature .*/ServerSignature Off/g" /etc/apache2/conf.d/security
-
# Disable listing of http://SSVM-IP/icons folder for security issue. see article http://www.i-lateral.com/tutorials/disabling-the-icons-folder-on-an-ubuntu-web-server/
[ -f /etc/apache2/mods-available/alias.conf ] && sed -i s/"Options Indexes MultiViews"/"Options -Indexes MultiViews"/ /etc/apache2/mods-available/alias.conf
--
To stop receiving notification emails like this one, please contact
dahn@apache.org.