On Mon, Dec 6, 2010 at 1:56 PM, J.Lance Wilkinson <[email protected]> wrote: > Eric Covener wrote: >> >> On Mon, Dec 6, 2010 at 1:42 PM, Dave Stevens <[email protected]> wrote: > >> .... >>> >>> Well, I hadn't, but it seems as if from a security point of view it might >>> not >>> be a bad idea. Is there any history or discussion on that? or perhaps a >>> reference I can read up on? >> >> http://httpd.apache.org/docs/current/mod/core.html#servertokens >> >> There hasn't been much discussion that the info should be hidden by >> default. >> > > Well, under the theory that letting a "hacker" know anything about the > platform they may be trying to infiltrate gives them useful information
Sorry, I meant discussion beyond this obvious implication of the default value. -- Eric Covener [email protected] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
