-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-##
-
#
# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
-# Debian packages. It will be made the default for the release after lenny.
+# Debian packages.
#
#<Directory />
-# AllowOverride None
-# Order Deny,Allow
-# Deny from all
+# AllowOverride None
+# Order Deny,Allow
+# Deny from all
#</Directory>
# and compiled in modules.
# Set to one of: Full | OS | Minimal | Minor | Major | Prod
# where Full conveys the most information, and Prod the least.
-#
#ServerTokens Minimal
ServerTokens ProductOnly
+#ServerTokens Full
#
# Optionally add a line containing the server version and virtual host
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
-#
#ServerSignature Off
ServerSignature On
# diagnostic purposes).
#
# Set to one of: On | Off | extended
-#
TraceEnable Off
#TraceEnable On
+#
+# Forbid access to version control directories
+#
+# If you use version control systems in your document root, you should
+# probably deny access to their directories. For example, for subversion:
+#
+#<DirectoryMatch "/\.svn">
+# Require all denied
+#</DirectoryMatch>
+
+#
+# Setting this header will prevent MSIE from interpreting files as something
+# else than declared by the content type in the HTTP headers.
+# Requires mod_headers to be enabled.
+#
+#Header set X-Content-Type-Options: "nosniff"
+
+#
+# Setting this header will prevent other sites from embedding pages from this
+# site as frames. This defends against clickjacking attacks.
+# Requires mod_headers to be enabled.
+#
+#Header set X-Frame-Options: "sameorigin"
+
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
projects / dsa-puppet.git / commitdiff