Bug#775176: please don't open tcp/80 by default

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 This could be implemented by splitting ports.conf into 2 parts conf-available/{port80.conf,port443.conf} and to create the symlinks in conf-enabled (to keep Debian's default). Just a suggestion, of course. Nah,... really not... then you get

Bug#775176: please don't open tcp/80 by default

On Thu, 2015-01-15 at 13:53 +0100, Harald Dunkel wrote: Unfortunately the VirtualHost statement defines both IP address and port for each virtual host. They don't work without the appropriate Listen statements, so I cannot follow your independent from each other. That's basically why you need

Bug#775176: please don't open tcp/80 by default

As said before... where Apache listens on and which (whether at all) you have vhosts, is in principle independent from each other. a2en/dissite should not change the listening behaviour. Unfortunately the VirtualHost statement defines both IP address and port for each virtual host. They don't

Bug#775176: please don't open tcp/80 by default

On Wed, 2015-01-14 at 06:47 +0100, Harald Dunkel wrote: the interface to enable and disable virtual hosts is a2ensite/a2dissite. That includes the IP/IPv6 address / virtual host names *and* the ports to listen. apache2.conf should provide just a basic configuration common for all vhosts and

Bug#775176: please don't open tcp/80 by default

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Of course I can edit ports.conf, apache2.conf, envvars and all the others. Thats not the point. Surely I am no expert in apache2 configuration, but IMU the interface to enable and disable virtual hosts is a2ensite/a2dissite. That includes the

Bug#775176: please don't open tcp/80 by default

On Mon, 12 Jan 2015, Harald Dunkel wrote: Actually I don't see any reason why apache2 should unconditionally listen on 80/tcp for a https-only setup, so I wonder if ports.conf could be moved to conf.d to support a2disconf? As ports.conf does not contain anything else, editing it should not

Bug#775176: please don't open tcp/80 by default

Package: apache2 Version: 2.4.10-9 Actually I don't see any reason why apache2 should unconditionally listen on 80/tcp for a https-only setup, so I wonder if ports.conf could be moved to conf.d to support a2disconf? Another option would be to move the Listen statements to the appropriate virtual

Bug#775176: please don't open tcp/80 by default

On Mon, 2015-01-12 at 09:48 +0100, Harald Dunkel wrote: Actually I don't see any reason why apache2 should unconditionally listen on 80/tcp for a https-only setup, so I wonder if ports.conf could be moved to conf.d to support a2disconf? You can just modify ports.conf and set the listening