2015-08-12 19:36:33 |
Steve Lewis |
bug |
|
|
added bug |
2015-08-12 19:37:41 |
Steve Lewis |
description |
One thing we may want to make sure we do is limit the container from revealing it's hostname: <address>Apache/2.4.7 (Ubuntu) Server at 578127-infra02_horizon_container-044e45f2 Port 443</address>
To hide the version the default should probably be to include the directive "ServerTokens Prod" in /etc/apache2/conf.d/security and perhaps make it configurable.
Similarly the ServerName directive should be configurable perhaps with a default of the service name instead of the current behavior which includes the full container name. |
One thing we may want to make sure we do is limit the container from revealing it's hostname: <address>Apache/2.4.7 (Ubuntu) Server at 578127-infra02_horizon_container-044e45f2 Port 443</address>
To hide the version the default should probably be to include the directive "ServerTokens Prod" in /etc/apache2/conf.d/security and perhaps make it configurable.
Similarly the ServerName directive should be configurable perhaps with a default of the service name instead of the current behavior which includes the full container name.
Currently limited to Horizon and Keystone. |
|
2015-08-12 19:39:53 |
Steve Lewis |
description |
One thing we may want to make sure we do is limit the container from revealing it's hostname: <address>Apache/2.4.7 (Ubuntu) Server at 578127-infra02_horizon_container-044e45f2 Port 443</address>
To hide the version the default should probably be to include the directive "ServerTokens Prod" in /etc/apache2/conf.d/security and perhaps make it configurable.
Similarly the ServerName directive should be configurable perhaps with a default of the service name instead of the current behavior which includes the full container name.
Currently limited to Horizon and Keystone. |
One thing we may want to make sure we do is limit the container from revealing it's hostname: <address>Apache/2.4.7 (Ubuntu) Server at 578127-infra02_horizon_container-044e45f2 Port 443</address>
To hide the version the default should probably be to include the directive "ServerTokens Prod" in /etc/apache2/conf.d/security and perhaps make it configurable.
Similarly the ServerName directive within the openstack_dashboard.conf.j2 should be configurable perhaps with a default of the service name instead of the current behavior which includes the full container name.
Currently limited to Horizon and Keystone. |
|
2015-08-12 19:40:12 |
Steve Lewis |
description |
One thing we may want to make sure we do is limit the container from revealing it's hostname: <address>Apache/2.4.7 (Ubuntu) Server at 578127-infra02_horizon_container-044e45f2 Port 443</address>
To hide the version the default should probably be to include the directive "ServerTokens Prod" in /etc/apache2/conf.d/security and perhaps make it configurable.
Similarly the ServerName directive within the openstack_dashboard.conf.j2 should be configurable perhaps with a default of the service name instead of the current behavior which includes the full container name.
Currently limited to Horizon and Keystone. |
One thing we may want to make sure we do is limit the container from revealing it's hostname: <address>Apache/2.4.7 (Ubuntu) Server at 578127-infra02_horizon_container-044e45f2 Port 443</address>
To hide the version the default should probably be to include the directive "ServerTokens Prod" in /etc/apache2/conf.d/security and perhaps make it configurable.
Similarly the ServerName directive within the virtual host template should be configurable perhaps with a default of the service name instead of the current behavior which includes the full container name.
Currently limited to Horizon and Keystone. |
|
2015-08-13 16:21:46 |
Steve Lewis |
tags |
|
low-hanging-fruit |
|
2015-08-18 16:13:16 |
Jesse Pretorius |
nominated for series |
|
openstack-ansible/trunk |
|
2015-08-18 16:13:16 |
Jesse Pretorius |
bug task added |
|
openstack-ansible/trunk |
|
2015-08-18 16:13:16 |
Jesse Pretorius |
nominated for series |
|
openstack-ansible/kilo |
|
2015-08-18 16:13:16 |
Jesse Pretorius |
bug task added |
|
openstack-ansible/kilo |
|
2015-08-18 16:13:39 |
Jesse Pretorius |
openstack-ansible/kilo: status |
New |
Confirmed |
|
2015-08-18 16:13:41 |
Jesse Pretorius |
openstack-ansible/trunk: status |
New |
Confirmed |
|
2015-08-18 16:14:51 |
Jesse Pretorius |
openstack-ansible/kilo: importance |
Undecided |
Low |
|
2015-08-18 16:14:53 |
Jesse Pretorius |
openstack-ansible/trunk: importance |
Undecided |
Low |
|
2015-08-18 16:15:15 |
Jesse Pretorius |
openstack-ansible/kilo: milestone |
|
11.2.0 |
|
2015-08-19 12:18:22 |
Jean-Philippe Evrard |
openstack-ansible/trunk: assignee |
|
Jean-Philippe Evrard (jean-philippe-evrard) |
|
2015-08-19 13:15:48 |
OpenStack Infra |
openstack-ansible: status |
Confirmed |
In Progress |
|
2015-08-20 10:32:50 |
OpenStack Infra |
openstack-ansible: status |
In Progress |
Fix Committed |
|
2015-08-20 16:25:16 |
OpenStack Infra |
openstack-ansible/kilo: status |
Confirmed |
Fix Committed |
|
2015-08-22 11:32:22 |
Jesse Pretorius |
openstack-ansible/trunk: milestone |
|
liberty-3 |
|
2015-08-22 11:32:39 |
Jesse Pretorius |
openstack-ansible/kilo: assignee |
|
Jesse Pretorius (jesse-pretorius) |
|
2015-09-03 10:42:57 |
Jesse Pretorius |
tags |
low-hanging-fruit |
|
|
2015-09-03 15:08:05 |
Jesse Pretorius |
openstack-ansible/kilo: status |
Fix Committed |
Fix Released |
|
2015-09-14 08:58:23 |
Jesse Pretorius |
openstack-ansible/trunk: status |
Fix Committed |
Fix Released |
|