| Syhunt TS Security Hardening Report |
|
Syhunt TS Security Hardening Tool report for httpd.conf ("D:\httpd.conf"") Date: 06/04/2004 2:51:06 PM
|
| 42 recommendation(s) |
| mod_vhost_alias.c module |
|
Line: 284
mod_vhost_alias.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_bandwidth.c module |
|
Line: 286
mod_bandwidth.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_throttle.c module |
|
Line: 289
mod_throttle.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_env.c module |
|
Line: 291
mod_env.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_log_agent.c module |
|
Line: 293
mod_log_agent.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_log_referer.c module |
|
Line: 294
mod_log_referer.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_negotiation.c module |
|
Line: 297
mod_negotiation.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_status.c module |
|
Line: 298
mod_status.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_info.c module |
|
Line: 299
We recommend to disable the mod_info module. mod_info should never be accessible from the Internet, mainly because it reveals the server's configuration. |
| mod_include.c module |
|
Line: 300
mod_include.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_autoindex.c module |
|
Line: 301
We recommend to disable the mod_autoindex module. This module enables automatic directory indexing. |
| mod_cgi.c module |
|
Line: 303
Unless absolutely necessary, disable PHP, CGI, SSI and other scripting languages. |
| mod_asis.c module |
|
Line: 304
mod_asis.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_imap.c module |
|
Line: 305
mod_imap.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_actions.c module |
|
Line: 306
mod_actions.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_userdir.c module |
|
Line: 308
mod_userdir.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_alias.c module |
|
Line: 309
mod_alias.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_rewrite.c module |
|
Line: 310
mod_rewrite.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_auth_anon.c module |
|
Line: 313
mod_auth_anon.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_auth_db.c module |
|
Line: 314
mod_auth_db.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_expires.c module |
|
Line: 323
mod_expires.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_headers.c module |
|
Line: 324
mod_headers.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_so.c module |
|
Line: 328
mod_so.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_setenvif.c module |
|
Line: 329
mod_setenvif.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_perl.c module |
|
Line: 331
mod_perl.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_php module |
|
Line: 334
Unless absolutely necessary, disable PHP, CGI, SSI and other scripting languages. |
| php extension |
|
Line: 334
We recommend to add the following line to the Apache configuration file: AddType application/x-httpd-php .inc |
| php extension |
|
Line: 334
We recommend to add the following line to the Apache configuration file: AddType application/x-httpd-php .class |
| mod_php.c module |
|
Line: 334
mod_php.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_php module |
|
Line: 337
Unless absolutely necessary, disable PHP, CGI, SSI and other scripting languages. |
| php extension |
|
Line: 337
We recommend to add the following line to the Apache configuration file: AddType application/x-httpd-php .inc |
| php extension |
|
Line: 337
We recommend to add the following line to the Apache configuration file: AddType application/x-httpd-php .class |
| mod_php3.c module |
|
Line: 337
mod_php3.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_php module |
|
Line: 340
Unless absolutely necessary, disable PHP, CGI, SSI and other scripting languages. |
| php extension |
|
Line: 340
We recommend to add the following line to the Apache configuration file: AddType application/x-httpd-php .inc |
| php extension |
|
Line: 340
We recommend to add the following line to the Apache configuration file: AddType application/x-httpd-php .class |
| mod_dav.c module |
|
Line: 343
mod_dav.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_roaming.c module |
|
Line: 346
mod_roaming.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_ssl.c module |
|
Line: 349
mod_ssl.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_put.c module |
|
Line: 352
mod_put.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_python.c module |
|
Line: 355
mod_python.c may be unnecessary. By disabling unnecessary modules, we can avoid potential break-ins. |
| mod_security.c module |
|
mod_security.c module not found. We recommend to enable the mod_security module - The mod_security module can help protect against Cross Site Scripting (XSS) and SQL injection. Detailed information can be found at: http://www.modsecurity.org |
| v2.0.0 |