[users@httpd] Re: SSL VHosts

2021-09-01 Thread Peter Horn
On 31/8/21 6:10 am, apache-httpd-us...@thomas.freit.ag wrote: Hi Peter, On 30.08.21 04:24, Peter Horn wrote: I have been successfully running an Apache server for some years (currently 2.4.41 on Ubuntu 20.04LTS). I have three "real" http vhosts on port 80, findable through a dynamic DNS

Re: [users@httpd] X-Frame-Options and security

2021-09-01 Thread Eric Covener
On Wed, Sep 1, 2021 at 7:30 PM Dave Wreski wrote: > > Hi, > > I ran a security scan for X-Frame-Options > (https://gf.dev/x-frame-options-test) on our site > (https://linuxsecurity.com), and it returned SAMEORIGIN, which is good, but > it also returned GOFORIT. > > The only settings we have

[users@httpd] X-Frame-Options and security

2021-09-01 Thread Dave Wreski
Hi, I ran a security scan for X-Frame-Options (https://gf.dev/x-frame-options-test) on our site (https://linuxsecurity.com), and it returned SAMEORIGIN, which is good, but it also returned GOFORIT. The only settings we have are the following:     Header set X-XSS-Protection "1;

Re: [users@httpd] Unable to unsubscribe

2021-09-01 Thread Gene Heskett
On Wednesday 01 September 2021 12:46:23 Scott A. Wozny wrote: > Per the instructions in list emails, I've sent a couple emails to > users-unsubscr...@httpd.apache.org this week, but I'm still getting > emails from the list. Any idea what gives? > > Thanks, > > Scott Two things; 1. did you send

Re: [users@httpd] Unable to unsubscribe

2021-09-01 Thread Antony Stone
On Wednesday 01 September 2021 at 18:46:23, Scott A. Wozny wrote: > Per the instructions in list emails, I've sent a couple emails to > users-unsubscr...@httpd.apache.org this week, but I'm still getting emails > from the list. Any idea what gives? Have you received a reply asking you to

[users@httpd] Unable to unsubscribe

2021-09-01 Thread Scott A. Wozny
Per the instructions in list emails, I've sent a couple emails to users-unsubscr...@httpd.apache.org this week, but I'm still getting emails from the list. Any idea what gives? Thanks, Scott

RE: [users@httpd] SSL VHosts [EXT]

2021-09-01 Thread James Smith
> I'd suggest to keep the HTTP vhost for pure redirects and additionally set > the Strict-Transport-Security header on HTTPS requests. With the header, most > browsers will cache the information that HTTPS is enabled for your site and > even enforce it for the time you set in the header. If

Re: [users@httpd] [External] : [users@httpd] Problems compiling under Solaris 10

2021-09-01 Thread Ran Mozes
fyi, I have opened a bug. In case someone is interested or experiencing the same please feel free to add to it: https://bz.apache.org/bugzilla/show_bug.cgi?id=65542 Am 31.08.2021 um 17:08 schrieb Ran Mozes mailto:ran.mo...@oracle.com>>: Thanks. Unfortunately it didn’t work for me. I still get