Where do I find Apache’s configtest declaration?

Posted on

Where do I find Apache’s configtest declaration? – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about apache-2.2, , , , .

I want to improve security of my Apache webserver.

  1. Open:

    /etc/apache2/conf.d/security
  2. Edit:

    ServerTokens Prod
    ServerSignature Off
  3. Reload/Restart:

    /etc/init.d/apache2 reload
    /etc/init.d/apache2 restart

The values Prod and Off should be fine, but I get these errors:

ServerTokens takes one argument, Determine tokens displayed in the Server: header - Min(imal), OS or Full
Action 'configtest' failed.
ServerSignature takes one argument, En-/disable server signature (on|off|email)
Action 'configtest' failed.

Where do I find Apache’s configtest declaration, so I can tell it to accept Prod and Off?

Problem solution:

I had inline comments in my config file, which are not allowed.

So do NOT do this:

ServerTokens Prod # Added this on 10/20/2012

Instead do it this way:

# Added this on 10/20/2012:
ServerTokens Prod

However, the error messages confused me, since they only had three options (Min, OS and Full) and were all lower case (on|off|email) while in the config file there were more options and ucfirst.

Solution :

This looks like you’re using a Debian/Ubuntu or similar system. You can run a configtest with

apache2ctl configtest

You can’t change it’s declaration to accept Prod (it already does) and you shouldn’t need to.

The Error message is quite clear ServerTokens takes one argument ... I can only get this error message if I supply the ServerTokens directive with more than one parameter so

 ServerTokens Prod 1

fails in the same way that you observe. You need to figure out why your ServerTokens and ServerSignature directives have more than one parameter. This first thing I would try is to load the files into vim and use :set invlist which will show any hidden characters in your file.

Not sure what you mean.
apache2 configtest (on a redhat box) runs apachectl.
If you look at apachectl which is s script supplied by apache it is bascially running httpd -t.

So httpd itself is what is testing the config when you run a configtest.

One way around this would be to put some negated ifdefines around the offeneding config stanzas

e.g.:
In your config file:

<ifdefine ! DONTRUNMYBADCONFIG >
ServerTokens Prod
ServerSignature Off
</ifdefine>

Then run

httpd -t -DDONTRUNMYBADCONFIG

To test your config.
I believe ewverything else will get tested normally, but those two directives will be ignored as long as -DDONTRUNMYBADCONFIG is in the apache command line.

You could add the -DDONTRUNMYBADCONFIG to the /etc/init.d/apache2 script in the “confgitest” section if you wanted, so you could still run service httpd configtest as normal.

Leave a Reply

Your email address will not be published. Required fields are marked *