[Phpwm] mod_frontpage

Andy Cowan andyc at waverider.net.uk
Fri Feb 8 14:16:39 GMT 2008


Hi Phil,

I've not been on the list long - years of being on the Internet have made me a bit jaded about mailing lists, but looking at the acghive, this one looks like it might actually be quite useful :-)

Anyway, your server

www.netcraft.com says:

Linux  Apache/1.3.37 Built by www.zeffie.com (Unix) mod_ssl/2.8.28 OpenSSL/0.9.8d PHP/5.0.4 mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.29  8-Feb-2008  212.105.190.xxx

Bit more information than you expected to be giving away :-)

Good practice to edit the httpd.conf and turn ServerSignature off, so you don’t give away so much information to a potential attacker.

That will probably cure your audit problem.

You want to remove the frontpage extensions too - you don’t need them and I'd be very surprised if your customers do. That version is a security risk - edit the httpd.conf, find the LoadModule line that mentioned mod_frontpage and comment out. Restart apache.

A.

-----Original Message-----
From: phpwm-bounces at mailman.lug.org.uk [mailto:phpwm-bounces at mailman.lug.org.uk] On Behalf Of Phil Beynon
Sent: 08 February 2008 11:44
To: West Midlands PHP User Group
Subject: RE: [Phpwm] mod_frontpage

> | It's really just about the only thing that's giving grief on this now,
> apart
> | from tweaking the PHP and MySQL versions to the latest - I've
> even managed
> | to update BIND and stop the DNS recursion lookups.
> |
>
> Apache may say, if you try and get a 404 error page...
>
> David.
>

Hi David,
Default Raq 404 just says  "The requested URL was not found on this server."

Phil
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.19.21/1265 - Release Date: 07/02/2008
11:17

No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.19.21/1263 - Release Date: 06/02/2008 20:14



No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.19.21/1263 - Release Date: 06/02/2008 20:14


Wave Rider Internet is a trading style of OpenSense Ltd.
Registered in England and Wales No 04999653



More information about the Phpwm mailing list