[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: https vhosts

On Thu, May 24, 2018 at 2:09 PM, Eric Covener <covener@xxxxxxxxx> wrote:
> Thinking about base server and how scanners report it the "vulnerability"...
> AllowUnmatchedHost[name]?
> RejectUnknownHost[name]?

The one or the other is probably a better name than UseDefaultVHost,
it allows to specify it by vhost (really meaningful on base servers
though) OR globally to avoid using fake base servers in the whole
configuration (when relevant).
Looks good to me.