X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=drupal-configs%2Fshopserver%2Fapache2%2Fconf-available%2Fsecurity.conf;fp=drupal-configs%2Fshopserver%2Fapache2%2Fconf-available%2Fsecurity.conf;h=599333b144b8e5dc5a6ad76d1988ad21a9d22186;hb=436d9fbf7640854020e4f4980a2c6d15eebc6802;hp=0000000000000000000000000000000000000000;hpb=b022587f81181617369cf1406aa7eb8577c1676c;p=eostre.git

diff --git a/drupal-configs/shopserver/apache2/conf-available/security.conf b/drupal-configs/shopserver/apache2/conf-available/security.conf
new file mode 100644
index 0000000..599333b
--- /dev/null
+++ b/drupal-configs/shopserver/apache2/conf-available/security.conf
@@ -0,0 +1,74 @@
+#
+# Disable access to the entire file system except for the directories that
+# are explicitly allowed later.
+#
+# This currently breaks the configurations that come with some web application
+# Debian packages.
+#
+#<Directory />
+#   AllowOverride None
+#   Order Deny,Allow
+#   Deny from all
+#</Directory>
+
+
+# Changing the following options will not really affect the security of the
+# server, but might make attacks slightly more difficult in some cases.
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of:  Full | OS | Minimal | Minor | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#ServerTokens Minimal
+ServerTokens OS
+#ServerTokens Full
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory
+# listings, mod_status and mod_info output etc., but not CGI generated
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of:  On | Off | EMail
+#ServerSignature Off
+ServerSignature On
+
+#
+# Allow TRACE method
+#
+# Set to "extended" to also reflect the request body (only for testing and
+# diagnostic purposes).
+#
+# Set to one of:  On | Off | extended
+TraceEnable Off
+#TraceEnable On
+
+#
+# Forbid access to version control directories
+#
+# If you use version control systems in your document root, you should
+# probably deny access to their directories. For example, for subversion:
+#
+#<DirectoryMatch "/\.svn">
+#   Require all denied
+#</DirectoryMatch>
+
+#
+# Setting this header will prevent MSIE from interpreting files as something
+# else than declared by the content type in the HTTP headers.
+# Requires mod_headers to be enabled.
+#
+#Header set X-Content-Type-Options: "nosniff"
+
+#
+# Setting this header will prevent other sites from embedding pages from this
+# site as frames. This defends against clickjacking attacks.
+# Requires mod_headers to be enabled.
+#
+#Header set X-Frame-Options: "sameorigin"
+
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
