According to Jim Jagielski: > I'd like to get some sort of feedback concerning the idea > of having ServerTokens not only "adjust" what Apache > sends in the Server header, but also allow the directive > to fully set that info.
I tend to be -1 on this for the following reasons: - It's only security by obscurity and providing such a "security feature" may be misleading for our users. - We don't want people to obfuscate the server name, do we? If people really want to change it they can always do that at compile time, but we should not encourage it by providing a configuration directive for it. ciao... -- Lars Eilebrecht - Don't use no double negatives, not never. [EMAIL PROTECTED]
