Which modules can be disabled in apache2.4 on windows
Posted
by
j0h
on Server Fault
See other posts from Server Fault
or by j0h
Published on 2014-05-25T16:30:09Z
Indexed on
2014/05/28
21:33 UTC
Read the original article
Hit count: 180
I have an Apache 2.4 webserver running on Windows. I am looking into system hardening and the config file httpd.conf
. There are numerous load modules and I am wondering which modules I can safely disable for performance and / or security improvements.
Some examples of things I would think I can disable are:
LoadModule cgi_module
others like
LoadModule rewrite_module
LoadModule version_module
LoadModule proxy_module
LoadModule setenvif_module
I am not so sure they can be disabled.
I am running php5 as a scripting engine, with no databases, and that is it. My loaded modules are:
core mod_win32 mpm_winnt http_core mod_so mod_access_compat mod_actions mod_alias mod_allowmethods mod_asis mod_auth_basic mod_authn_core mod_authn_file mod_authz_core mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_dav_lock mod_dir mod_env mod_headers mod_include mod_info mod_isapi mod_log_config mod_cache_disk mod_mime mod_negotiation mod_proxy mod_proxy_ajp mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status mod_version mod_php5
© Server Fault or respective owner