Libravatar (obsolete)

Apache tuning

Bug #1163626 reported by François Marier on 2013-04-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Libravatar (obsolete)	Triaged	Low	Unassigned

Bug Description

There are a couple of easy things to tune on our Apache config files:

* disable unused modules
* set AllowOverride to None
* Disable SymlinksIfOwnerMatch

Tags:

Revision history for this message

François Marier (fmarier) wrote on 2013-08-06:

AllowOverride is on by default.

Revision history for this message

François Marier (fmarier) wrote on 2013-09-10:

These modules are currently enabled on production:

$ ls /etc/apache2/mods-enabled/*.load
alias.load
auth_basic.load
authn_file.load
authz_default.load
authz_groupfile.load
authz_host.load
authz_user.load
autoindex.load
cgid.load
deflate.load
dir.load
env.load
expires.load
headers.load
mime.load
negotiation.load
reqtimeout.load
rewrite.load
setenvif.load
ssl.load
status.load
wsgi.conf
wsgi.load

We should investigate whether these are needed:

authn_file.load
authz_default.load
authz_groupfile.load
authz_host.load
authz_user.load
autoindex.load
cgid.load
dir.load
mime.load
negotiation.load
reqtimeout.load
status.load

François Marier (fmarier) on 2017-05-29

Changed in libravatar:
assignee:	François Marier (fmarier) → nobody

Revision history for this message

François Marier (fmarier) wrote on 2017-06-02:

Related to this is the idea of hardening the config: https://wiki.debian.org/Apache/Hardening

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.