I need a confirmation from someone. I recently installed a fresh ISPConfig3 system and found a typo. Basically it's about the directive "ServerTokens" into the file /etc/apache2/conf.d/security Code: # # ServerTokens # This directive configures what you return as the Server HTTP response # Header. The default is 'Full' which sends information about the OS-Type # and compiled in modules. # Set to one of: Full | OS | Minimal | Minor | Major | Prod # where Full conveys the most information, and Prod the least. # #ServerTokens Minimal ServerToken OS #ServerTokens Full Is it a bug from ISPConfig or Debian ? For a reason i can't understand I've changed by adding the letter "s" at the end and changed "OS" to "Prod"; it is working, but when i remove the letter "s" at the end of ServerTokens Apache fails to restart.
I checked the file on my wheezy server, it has this content: Code: #ServerTokens Minimal ServerTokens OS #ServerTokens Full and I havent altered that file, its the stock file from debian.
Thanks,I'll check with another server another time... This is strange because I've never opened that file. I've used a web config tool online that checked my server security and pointed me to that file. Thanks.
