From: Jim Jagielski <jim@apache.org>
Date: Wed, 2 Sep 2009 12:22:32 +0000 (+0000)
Subject: doccos for soon to be reverted code.
X-Git-Tag: 2.3.3~342
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e35ab9433b655da59a32ef2775cd1b1ba7118d5b;p=apache

doccos for soon to be reverted code.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@810477 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml
index 83a04aae1a..0d714194b8 100644
--- a/docs/manual/mod/core.xml
+++ b/docs/manual/mod/core.xml
@@ -2862,7 +2862,7 @@ is accessed by an incompatible browser</description>
 <name>ServerTokens</name>
 <description>Configures the <code>Server</code> HTTP response
 header</description>
-<syntax>ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</syntax>
+<syntax>ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full|Off|Set</syntax>
 <default>ServerTokens Full</default>
 <contextlist><context>server config</context></contextlist>
 
@@ -2873,10 +2873,10 @@ header</description>
     information about compiled-in modules.</p>
 
     <dl>
-      <dt><code>ServerTokens Off</code></dt>
+      <dt><code>ServerTokens Full</code> (or not specified)</dt>
 
-      <dd>Server sends no <code>Server:</code> header
-      (and <code>SERVER_SOFTWARE</code> is blank)</dd>
+      <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41
+      (Unix) PHP/4.2.2 MyMod/1.2</code></dd>
 
       <dt><code>ServerTokens Prod[uctOnly]</code></dt>
 
@@ -2911,10 +2911,11 @@ header</description>
       there are any embedded spaces.
       </dd>
 
-      <dt><code>ServerTokens Full</code> (or not specified)</dt>
+      <dt><code>ServerTokens Off</code></dt>
+
+      <dd>Server sends no <code>Server:</code> header
+      (and <code>SERVER_SOFTWARE</code> is blank)</dd>
 
-      <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41
-      (Unix) PHP/4.2.2 MyMod/1.2</code></dd>
     </dl>
 
     <p>This setting applies to the entire server, and cannot be
@@ -2923,6 +2924,14 @@ header</description>
     <p>After version 2.0.44, this directive also controls the
     information presented by the <directive
     module="core">ServerSignature</directive> directive.</p>
+    
+    <note>Setting <directive>ServerTokens</directive> to less than
+    <code>minimal</code> is not recommended because it makes it more
+    difficult to debug interoperational problems. Also note that
+    disabling the Server: header does nothing at all to make your
+    server more secure; the idea of "security through obscurity"
+    is a myth and leads to a false sense of safety.</note>
+
 </usage>
 <seealso><directive module="core">ServerSignature</directive></seealso>
 </directivesynopsis>