[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#775176: please don't open tcp/80 by default

> As said before... where Apache listens on and which (whether at all) you
> have vhosts, is in principle independent from each other.
> a2en/dissite should not change the listening behaviour.

Unfortunately the VirtualHost statement defines both IP address
and port for each virtual host. They don't work without the
appropriate Listen statements, so I cannot follow your "independent
from each other".

Can you confirm that the central Listen statement breaks the
modular approach of a2ensite?

> And wrt conf.d, this is IMHO rather other misc stuff, e.g. I put in
> files there which enforces httpOnly or secure on all cookies,... or
> things like that. But it doesn't seem to make much sense to make the
> port-listening such a config snippet which one can disable or enable -
> if you "disable" the port-listening than you effectively disable the
> daemon.

Thats my point: I want to disable apache2 for port 80/tcp without
the risk of loosing this setting on the next package upgrade.

This could be implemented by splitting ports.conf into 2 parts
conf-available/{port80.conf,port443.conf} and to create the symlinks
in conf-enabled (to keep Debian's default). Just a suggestion, of


Reply to: