WHM using outdated accept/deny in httpd.conf
Hi,
I noticed that in my httpd.conf the WHM setting related to server-status is still using the outdated allowed/deny rules instead of the newer require rules terminology.
Any particular reason for this or just an oversight?
Regards.
You can change this by using WHM, and updating the 'Tweak Settings' -> 'System' -> 'Allow server-info' option.
# This is used by the WHM 'Apache Status' application
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1 ::1
SecRuleEngine Off
modsecurity_rules 'SecRuleEngine Off'
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.0/8 ::1
Regards.
-
Hey there! I did speak with the web server team about this and they are going to get me an update tomorrow. I'll post again once I have more details. 0 -
Thanks for pointing this out. The team has decided we do need to update that language, and there is an internal development case to get that taken care of. Once that happens I'll be sure to post an update here. 0
Please sign in to leave a comment.
Comments
2 comments