PCI Compliance Disable ETags
PCI Compliance
Disable ETags
To alleviate security risks arising from disclosure of information about files and their properties by Apache Web server, disable FileETag directive. For PCI Compliance it is required to disable ETags
Create a file at /etc/httpd/conf.d/no-etags.conf with the following:
Header unset ETag
FileETag None
Then of course restart Apache.
http://httpd.apache.org/docs/2.2/mod/core.html#FileETag
Recent Comments