[PATCH 2/4] httpd: disable sending ETag header completely

12 Apr 2021

These cause caching trouble and pose a potential security risk due to
exposing inode numbers of files within the Apache site directories on an
IPFire machine.
Signed-off-by: Peter Müller peter.mueller@ipfire.org
---
 config/httpd/global.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/httpd/global.conf b/config/httpd/global.conf
index cc8000379..46878baf5 100644
--- a/config/httpd/global.conf
+++ b/config/httpd/global.conf
@@ -8,6 +8,7 @@ Include /etc/httpd/conf/hostname.conf
 HostnameLookups off
 AddHandler cgi-script .cgi
 EnableSendfile Off
+FileETag None
# Always unset HTTP_PROXY variable, https://httpoxy.org
 RequestHeader unset Proxy early
-- 
2.26.2

    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

[PATCH 2/4] httpd: disable sending ETag header completely