Which modules can be disabled in apache2.4 on windows
- by j0h
I have an Apache 2.4 webserver running on Windows. I am looking into system hardening and the config file httpd.conf. There are numerous load modules and I am wondering which modules I can safely disable for performance and / or security improvements.
Some examples of things I would think I can disable are:
LoadModule cgi_module
others like
LoadModule rewrite_module
LoadModule version_module
LoadModule proxy_module
LoadModule setenvif_module
I am not so sure they can be disabled.
I am running php5 as a scripting engine, with no databases, and that is it.
My loaded modules are:
core mod_win32 mpm_winnt http_core mod_so mod_access_compat mod_actions mod_alias mod_allowmethods mod_asis mod_auth_basic mod_authn_core mod_authn_file mod_authz_core mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_dav_lock mod_dir mod_env mod_headers mod_include mod_info mod_isapi mod_log_config mod_cache_disk mod_mime mod_negotiation mod_proxy mod_proxy_ajp mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status mod_version mod_php5