Posted to commits@cloudstack.apache.org by da...@apache.org on 2018/04/13 08:44:28 UTC

[cloudstack] branch 4.11 updated: CLOUDSTACK-10304: turn off apache2 server tokens and signature in systemvms (#2563)

This is an automated email from the ASF dual-hosted git repository.

dahn pushed a commit to branch 4.11
in repository https://gitbox.apache.org/repos/asf/cloudstack.git


The following commit(s) were added to refs/heads/4.11 by this push:
     new e71d4d4  CLOUDSTACK-10304: turn off apache2 server tokens and signature in systemvms (#2563)
e71d4d4 is described below

commit e71d4d4371fdf1595bb42f152ec544243f2087f2
Author: Rohit Yadav <ro...@apache.org>
AuthorDate: Fri Apr 13 14:14:25 2018 +0530

    CLOUDSTACK-10304: turn off apache2 server tokens and signature in systemvms (#2563)
    
    * systemvm: turn off apache2 server tokens and signature
    
    This turns off apache2 server version signature/token in headers.
    
    Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
    
    * systemvm: remove invalid code as conf.d is not available now
    
    Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
 systemvm/debian/etc/apache2/conf-enabled/security.conf | 3 +++
 systemvm/debian/opt/cloud/bin/setup/common.sh          | 3 ---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/systemvm/debian/etc/apache2/conf-enabled/security.conf b/systemvm/debian/etc/apache2/conf-enabled/security.conf
new file mode 100644
index 0000000..498d147
--- /dev/null
+++ b/systemvm/debian/etc/apache2/conf-enabled/security.conf
@@ -0,0 +1,3 @@
+ServerTokens Prod
+ServerSignature Off
+TraceEnable Off
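
Review bot: The third added line, "TraceEnable Off", is not covered by the commit message, which only mentions the server version signature/token in headers. Either note in the message that HTTP TRACE is being disabled as well, or add a short comment at the top of security.conf stating what each of the three directives is for, so a later reader does not have to guess why TraceEnable sits in a change titled "server tokens and signature". The file also lands directly under conf-enabled/ with no header comment saying it is maintained by CloudStack; a one-line comment to that effect would help anyone comparing it against what the apache2 package provides in the same directory.
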
diff --git a/systemvm/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
index a84d881..e24a277 100755
--- a/systemvm/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -496,9 +496,6 @@ clean_ipalias_config() {
 
 setup_apache2_common() {
   sed -i 's/^Include ports.conf.*/# CS: Done by Python CsApp config\n#Include ports.conf/g' /etc/apache2/apache2.conf
-  [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerTokens .*/ServerTokens Prod/g" /etc/apache2/conf.d/security
-  [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerSignature .*/ServerSignature Off/g" /etc/apache2/conf.d/security
-
   # Disable listing of http://SSVM-IP/icons folder for security issue. see article http://www.i-lateral.com/tutorials/disabling-the-icons-folder-on-an-ubuntu-web-server/
   [ -f /etc/apache2/mods-available/alias.conf ] && sed -i s/"Options Indexes MultiViews"/"Options -Indexes MultiViews"/ /etc/apache2/mods-available/alias.conf
 

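Review bot: The two removed lines were dead code only because their "[ -f /etc/apache2/conf.d/security ] &&" guard skipped silently once the file stopped existing, and the alias.conf line kept just below uses the same pattern, so it can go stale in the same unnoticed way. Consider logging when /etc/apache2/mods-available/alias.conf is absent instead of skipping quietly. With the sed calls gone, setup_apache2_common() also no longer touches ServerTokens or ServerSignature at all, so a brief comment here pointing to conf-enabled/security.conf would document where those settings now come from.
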