Bug#260063: apache2: suggestion to add new file - conf.d/security.conf
Package: apache2
Version: 2.0.50-5
Severity: wishlist
Tags: security
Perhaps there could be a separate configuration file that
woould control the default security setings. I'm not sure
if conf.d/ is meant solely for user settings, but it could
be one possibility to include:
conf.d/security.conf
For a start, it could include statement:
<Files ~ "\.htpasswd">
Order allow,deny
Deny from all
</Files>
Other settings that user could enable could be added in comments, like:
#<Directory />
# # DENY by default. Later, Explicitly allow access to directories.
# Order Deny,Allow
# Deny from all
#</Directory>
-- System Information:
Debian Release: testing/unstable
Architecture: i386 (i686)
Kernel: Linux 2.4.26.20040601
Locale: LANG=C, LC_CTYPE=C (ignored: LC_ALL set to en_US)
Versions of packages apache2 depends on:
ii apache2-mpm-prefork 2.0.50-5 Traditional model for Apache2
-- debconf-show failed
Reply to: