On Mon, Jun 21, 2010 at 8:40 AM, Jim Jagielski <[email protected]> wrote: > There have been a few reports regarding how server-status "leaks" > info, mostly about our (the ASF's) open use of server-status and > how IP addresses are exposed. > > I'm thinking about a patch that adjusts server-status/mod_status > to have a "public vs. private" setting... Public would be to > have IP addresses exposed as public info; private would be to > not expose 'em (keep 'em private).
use mod_sed or similar on apache.org to change the client IP address field to "?"
