[Phpwm] Apache DoS vulnerability
David Goodwin
david at codepoets.co.uk
Fri Aug 26 08:53:26 UTC 2011
On 26 Aug 2011, at 09:14, Jon Spriggs wrote:
> If you're loading the headers module, why not put that into
> /etc/apache2/mods-available/headers.conf and then run the a2enmod
> headers?
>
> I'll be adding a note to that effect on that blog post.
>
My choice of apache2.conf was probably based on the fact that some of my customers use RHEL/CentOS and others Debian - and the layout for Apache configuration files isn't the same...
/etc/apache2/apache2.conf on Debian
/etc/httpd/conf/httpd.conf on RHEL which doesn't have a mods-(enabled|available) directory and so on.
In my mind httpd.conf & apache2.conf are essentially the same file. I suppose a more logical approach would have been to use the conf.d folder(s) which they both support.
I've not yet advanced to the stage where I use something like puppet to roll such changes out.
David.
More information about the Phpwm
mailing list