That sounds like a simple feat for mod_md, since it scans and collects that information already.
> On 30.11.2017 at 04:08, Eric Covener <cove...@gmail.com> wrote:
>
> At $dayjob I am seeing a lot of users running scans that flag any HTTP
> response that incorporates the Host header into the response as
> "vulnerable", even if the host is syntactically valid.
>
> AIUI the standard solution is to create a default NVH for each
> host:port combo to trap unknowns and use it to return an error. But
> this is a lot of work. Rewrite has its own baggage (add it global,
> add it to each VH, add it before other rewrites)
>
> (things like proxy and CGI/PHP mean UseCanonicalName is insufficient)
>
> Nothing currently crawls all ServerName/ServerAlias, because we always
> select the best IP-based match first then compare strings from the
> result.
>
> Is anyone else interested in another way to configure this? Would you
> want to crawl all servername/serveralias when enabled or pass in a
> separate whitelist to a new directive? With the latter, you could at
> least make sure the e.g. *.example.com showed up without checking the
> gory details.
>
> --
> Eric Covener
> cove...@gmail.com
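
The separate-allowlist idea raised in the quoted message, modelled in Python as an added example; this is not httpd or mod_md code, and the function names, the allowlist contents and the matching rules (exact name, or a leading `*.` wildcard) are assumptions made for illustration.

```python
import re

# Hypothetical allowlist; a real deployment would list its own names.
ALLOWED_HOSTS = ["www.example.com", "*.example.com"]

# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def normalize_host(header):
    """Return the lowercased hostname from a Host header value, or None if malformed."""
    if not header or any(c.isspace() or ord(c) < 0x20 for c in header):
        return None                      # empty, or carries whitespace/control bytes
    host = header.lower()
    if host.startswith("["):
        return None                      # IP literals are never a configured name here
    host, sep, port = host.partition(":")
    if sep and not (port.isdigit() and 0 < int(port) < 65536):
        return None                      # ":" present but port is not a valid number
    if host.endswith("."):
        host = host[:-1]                 # accept the fully qualified form "name."
    labels = host.split(".")
    if len(host) > 253 or not all(_LABEL.fullmatch(label) for label in labels):
        return None
    return host


def host_allowed(header, allowed=ALLOWED_HOSTS):
    """True only if the Host header names an entry on the allowlist."""
    host = normalize_host(header)
    if host is None:
        return False
    for pattern in allowed:
        pattern = pattern.lower()
        if pattern.startswith("*."):
            # "*.example.com" matches any subdomain, but not "example.com"
            # itself and not look-alikes such as "evilexample.com".
            if host.endswith(pattern[1:]):
                return True
        elif host == pattern:
            return True
    return False


if __name__ == "__main__":
    # Constructed sample Host header values.
    for sample in ["www.example.com", "API.example.com:8443",
                   "example.com.evil.net", "evilexample.com", "[::1]:80"]:
        print(f"{sample!r:28} -> {'accept' if host_allowed(sample) else 'reject'}")
```

A request whose Host value is rejected here corresponds to what the default name-based virtual host would trap and answer with an error.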