On Thu, May 24, 2018 at 2:09 PM, Eric Covener <cove...@gmail.com> wrote:
> Thinking about base server and how scanners report it the "vulnerability"...
> AllowUnmatchedHost[name]?
> RejectUnknownHost[name]?

The one or the other is probably a better name than UseDefaultVHost,
it allows to specify it by vhost (really meaningful on base servers
though) OR globally to avoid using fake base servers in the whole
configuration (when relevant).
Looks good to me.

Reply via email to