Package: apache2.2-common Version: 2.2.16-4 Severity: wishlist Hi. IMHO, mod_authn_default should be enabled in the default config, just as mod_authz_default already is. It probides a fall-back (denying) authorisation provider. Cheers, Chris.