diff options
| author | Jim Jagielski <jim@apache.org> | 2009-09-02 14:22:32 +0200 |
|---|---|---|
| committer | Jim Jagielski <jim@apache.org> | 2009-09-02 14:22:32 +0200 |
| commit | e35ab9433b655da59a32ef2775cd1b1ba7118d5b (patch) | |
| tree | 1e7abe8b2cebf0759beae6635431bc5810f72da5 /docs | |
| parent | Changed the name of the IRC channel a while back. Fixing it in the FAQ (diff) | |
| download | apache2-e35ab9433b655da59a32ef2775cd1b1ba7118d5b.tar.xz apache2-e35ab9433b655da59a32ef2775cd1b1ba7118d5b.zip | |
doccos for soon to be reverted code.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@810477 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/manual/mod/core.xml | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml index 83a04aae1a..0d714194b8 100644 --- a/docs/manual/mod/core.xml +++ b/docs/manual/mod/core.xml @@ -2862,7 +2862,7 @@ is accessed by an incompatible browser</description> <name>ServerTokens</name> <description>Configures the <code>Server</code> HTTP response header</description> -<syntax>ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</syntax> +<syntax>ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full|Off|Set</syntax> <default>ServerTokens Full</default> <contextlist><context>server config</context></contextlist> @@ -2873,10 +2873,10 @@ header</description> information about compiled-in modules.</p> <dl> - <dt><code>ServerTokens Off</code></dt> + <dt><code>ServerTokens Full</code> (or not specified)</dt> - <dd>Server sends no <code>Server:</code> header - (and <code>SERVER_SOFTWARE</code> is blank)</dd> + <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41 + (Unix) PHP/4.2.2 MyMod/1.2</code></dd> <dt><code>ServerTokens Prod[uctOnly]</code></dt> @@ -2911,10 +2911,11 @@ header</description> there are any embedded spaces. </dd> - <dt><code>ServerTokens Full</code> (or not specified)</dt> + <dt><code>ServerTokens Off</code></dt> + + <dd>Server sends no <code>Server:</code> header + (and <code>SERVER_SOFTWARE</code> is blank)</dd> - <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41 - (Unix) PHP/4.2.2 MyMod/1.2</code></dd> </dl> <p>This setting applies to the entire server, and cannot be @@ -2923,6 +2924,14 @@ header</description> <p>After version 2.0.44, this directive also controls the information presented by the <directive module="core">ServerSignature</directive> directive.</p> + + <note>Setting <directive>ServerTokens</directive> to less than + <code>minimal</code> is not recommended because it makes it more + difficult to debug interoperational problems. Also note that + disabling the Server: header does nothing at all to make your + server more secure; the idea of "security through obscurity" + is a myth and leads to a false sense of safety.</note> + </usage> <seealso><directive module="core">ServerSignature</directive></seealso> </directivesynopsis> |