Eolisation de l'applicatif MSE
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

mse-apache-security.conf 2.1KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. #
  2. # Disable access to the entire file system except for the directories that
  3. # are explicitly allowed later.
  4. #
  5. # This currently breaks the configurations that come with some web application
  6. # Debian packages.
  7. #
  8. #<Directory />
  9. # AllowOverride None
  10. # Require all denied
  11. #</Directory>
  12. # Changing the following options will not really affect the security of the
  13. # server, but might make attacks slightly more difficult in some cases.
  14. #
  15. # ServerTokens
  16. # This directive configures what you return as the Server HTTP response
  17. # Header. The default is 'Full' which sends information about the OS-Type
  18. # and compiled in modules.
  19. # Set to one of: Full | OS | Minimal | Minor | Major | Prod
  20. # where Full conveys the most information, and Prod the least.
  21. #ServerTokens Minimal
  22. #ServerTokens OS
  23. #ServerTokens Full
  24. ServerTokens Prod
  25. #
  26. # Optionally add a line containing the server version and virtual host
  27. # name to server-generated pages (internal error documents, FTP directory
  28. # listings, mod_status and mod_info output etc., but not CGI generated
  29. # documents or custom error documents).
  30. # Set to "EMail" to also include a mailto: link to the ServerAdmin.
  31. # Set to one of: On | Off | EMail
  32. #ServerSignature Off
  33. ServerSignature On
  34. #
  35. # Allow TRACE method
  36. #
  37. # Set to "extended" to also reflect the request body (only for testing and
  38. # diagnostic purposes).
  39. #
  40. # Set to one of: On | Off | extended
  41. TraceEnable Off
  42. #TraceEnable On
  43. #
  44. # Forbid access to version control directories
  45. #
  46. # If you use version control systems in your document root, you should
  47. # probably deny access to their directories. For example, for subversion:
  48. #
  49. #<DirectoryMatch "/\.svn">
  50. # Require all denied
  51. #</DirectoryMatch>
  52. #
  53. # Setting this header will prevent MSIE from interpreting files as something
  54. # else than declared by the content type in the HTTP headers.
  55. # Requires mod_headers to be enabled.
  56. #
  57. #Header set X-Content-Type-Options: "nosniff"
  58. #
  59. # Setting this header will prevent other sites from embedding pages from this
  60. # site as frames. This defends against clickjacking attacks.
  61. # Requires mod_headers to be enabled.
  62. #
  63. #Header set X-Frame-Options: "sameorigin"
  64. # vim: syntax=apache ts=4 sw=4 sts=4 sr noet