[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#698967: apache2 default conf file contains Listen directive

Package: apache2
Version: 2.2.22-12
Severity: minor

This was originally reported in Ubuntu at https://bugs.launchpad.net/bugs/1105411

This is the content of the bug as it exists in Ubuntu's bug tracker on Launchpad:
The default Apache 2 config file /etc/apache2/ports.conf contains a Listen directive.

This directive is extraneous and unnecessary: The default configuration includes a VirtualHost that listens on Port 80. SSL configurations listen on Port 443. Removing the global Listen directives does not change this behavior; however if the default site is removed or moved to another port, Apache continues to listen on that port. For example, if Apache listens on Port 80 and you change the default site to listen on port 1080, Apache will listen on Port 80 and Port 1080 due to the Listen directive in ports.conf.

By removing or commenting the Listen directive, Apache will no longer listen on Port 80 if no VirtualHost exists that specifies Port 80. This reduces the number of open ports, and leaves Port 80 open for other applications.

Leaving the Listen directive in ports.conf as-is is not particularly harmful; it does however lead to minor, momentary confusion or excessive open ports when unfamiliar users configure Apache in exotic ways. As it is unnecessary, it should be disabled.

Reply to: