Hi!
this looks good and I think it is ready to be merged unless anybody else has any objections.
I do have one question tho: Do we need to enable all these new modules there? The point is that fewer modules would give us less attack surface.
The modules added by me are:
+LoadModule socache_shmcb_module /usr/lib/apache/mod_socache_shmcb.so
This module is a memory-based cache provider for the SSLSessionCache.
+LoadModule unixd_module /usr/lib/apache/mod_unixd.so
This module is needed, because of the Group and User directive that change the user/group of Apache after startup (in uid.conf).
+LoadModule authn_core_module /usr/lib/apache/mod_authn_core.so
This module provides common authentication methods (AuthType, AuthName).
+LoadModule authz_core_module /usr/lib/apache/mod_authz_core.so
This module provides the Require-directive.
From the existing modules, it is possible to deactivate:
auth_digest_module - I never saw anyone using digest authentication (basic is the one that is commonly chosen) autoindex_module - Since we are not using the fancy indexing features of apache
Do we actually need the php5 module? ;-) The web interface does not need it, but apparently a lot of packages need it...
Additionally, cgi was substituted with cgid.
Best regards, Wolfgang