436d9fbf |
1 | # |
2 | # Disable access to the entire file system except for the directories that |
3 | # are explicitly allowed later. |
4 | # |
5 | # This currently breaks the configurations that come with some web application |
6 | # Debian packages. |
7 | # |
8 | #<Directory /> |
9 | # AllowOverride None |
09c20003 |
10 | # Require all denied |
436d9fbf |
11 | #</Directory> |
12 | |
13 | |
14 | # Changing the following options will not really affect the security of the |
15 | # server, but might make attacks slightly more difficult in some cases. |
16 | |
17 | # |
18 | # ServerTokens |
19 | # This directive configures what you return as the Server HTTP response |
20 | # Header. The default is 'Full' which sends information about the OS-Type |
21 | # and compiled in modules. |
22 | # Set to one of: Full | OS | Minimal | Minor | Major | Prod |
23 | # where Full conveys the most information, and Prod the least. |
24 | #ServerTokens Minimal |
25 | ServerTokens OS |
26 | #ServerTokens Full |
27 | |
28 | # |
29 | # Optionally add a line containing the server version and virtual host |
30 | # name to server-generated pages (internal error documents, FTP directory |
31 | # listings, mod_status and mod_info output etc., but not CGI generated |
32 | # documents or custom error documents). |
33 | # Set to "EMail" to also include a mailto: link to the ServerAdmin. |
34 | # Set to one of: On | Off | EMail |
35 | #ServerSignature Off |
36 | ServerSignature On |
37 | |
38 | # |
39 | # Allow TRACE method |
40 | # |
41 | # Set to "extended" to also reflect the request body (only for testing and |
42 | # diagnostic purposes). |
43 | # |
44 | # Set to one of: On | Off | extended |
45 | TraceEnable Off |
46 | #TraceEnable On |
47 | |
48 | # |
49 | # Forbid access to version control directories |
50 | # |
51 | # If you use version control systems in your document root, you should |
52 | # probably deny access to their directories. For example, for subversion: |
53 | # |
54 | #<DirectoryMatch "/\.svn"> |
55 | # Require all denied |
56 | #</DirectoryMatch> |
57 | |
58 | # |
59 | # Setting this header will prevent MSIE from interpreting files as something |
60 | # else than declared by the content type in the HTTP headers. |
61 | # Requires mod_headers to be enabled. |
62 | # |
63 | #Header set X-Content-Type-Options: "nosniff" |
64 | |
65 | # |
66 | # Setting this header will prevent other sites from embedding pages from this |
67 | # site as frames. This defends against clickjacking attacks. |
68 | # Requires mod_headers to be enabled. |
69 | # |
70 | #Header set X-Frame-Options: "sameorigin" |
71 | |
72 | |
73 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet |