On Jun 21, 2010, at 1:07 PM, Jeff Trawick wrote: > On Mon, Jun 21, 2010 at 8:40 AM, Jim Jagielski <[email protected]> wrote: >> There have been a few reports regarding how server-status "leaks" >> info, mostly about our (the ASF's) open use of server-status and >> how IP addresses are exposed. >> >> I'm thinking about a patch that adjusts server-status/mod_status >> to have a "public vs. private" setting... Public would be to >> have IP addresses exposed as public info; private would be to >> not expose 'em (keep 'em private). > > use mod_sed or similar on apache.org to change the client IP address > field to "?" >
True... so I'm guessing this means that the patch would be unacceptable?
