ClearFoundation Tracker - ClearOS | ||||||||||
| View Issue Details | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | |||||
| 0000967 | ClearOS | app-php - PHP | public | 2013-02-01 20:29 | 2013-04-26 19:44 | |||||
| Reporter | user2 | |||||||||
| Assigned To | ||||||||||
| Priority | normal | Severity | tweak | Reproducibility | N/A | |||||
| Status | closed | Resolution | fixed | |||||||
| Platform | OS | OS Version | ||||||||
| Product Version | ||||||||||
| Target Version | Fixed in Version | |||||||||
| Summary | 0000967: Disable version information for Apache and PHP | |||||||||
| Description | From a forum post... Here are a couple of changes that you can make that might prevent the scanner from doing version detection. You can hide the version information coming from Apache by changing the ServerTokens parameter in /etc/httpd/conf/httpd.conf: ServerTokens Prod Similarly for PHP, the expose_php parameter should be changed in /etc/php.ini: expose_php = Off Restart the web server after making the changes: # service httpd restart A web page request will no longer get presented with version information: | |||||||||
| Steps To Reproduce | ||||||||||
| Additional Information | ||||||||||
| Tags | No tags attached. | |||||||||
| Relationships |
| |||||||||
| Attached Files | ||||||||||
| Issue History | ||||||||||
| Date Modified | Username | Field | Change | |||||||
| 2013-02-01 20:29 | user2 | New Issue | ||||||||
| 2013-02-01 20:29 | user2 | Issue generated from: 0000956 | ||||||||
| 2013-02-01 20:29 | user2 | Relationship added | related to 0000956 | |||||||
| 2013-02-01 20:41 | user2 | Status | new => confirmed | |||||||
| 2013-02-01 20:41 | user2 | Checkin | ||||||||
| 2013-02-01 20:41 | user2 | Note Added: 0000670 | ||||||||
| 2013-02-01 20:41 | user2 | Status | confirmed => resolved | |||||||
| 2013-02-01 20:41 | user2 | Resolution | open => fixed | |||||||
| 2013-04-26 19:44 | user2 | Status | resolved => closed | |||||||
| Notes | |||||
|
|
|||||
|
|
||||