Added EXPOSE_WEB_SERVER_INFO variable to control web server / php versions expose

This commit is contained in:
Alexey Pustovalov
2024-02-06 17:54:37 +09:00
parent 58f68d6494
commit 8dc8d284c6
45 changed files with 298 additions and 40 deletions

View File

@ -6,3 +6,5 @@ max_input_time = ${ZBX_MAXINPUTTIME}
; always_populate_raw_post_data=-1
max_input_vars = 10000
date.timezone = ${PHP_TZ}
; https://www.php.net/manual/en/security.hiding.php
expose_php = ${EXPOSE_WEB_SERVER_INFO}

View File

@ -23,6 +23,8 @@ fi
ZABBIX_ETC_DIR="/etc/zabbix"
# Web interface www-root directory
ZABBIX_WWW_ROOT="/usr/share/zabbix"
# Apache main configuration file
HTTPD_CONF_FILE="/etc/apache2/apache2.conf"
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
@ -226,11 +228,25 @@ prepare_zbx_web_config() {
if [ "${ENABLE_WEB_ACCESS_LOG,,}" == "false" ]; then
sed -ri \
-e 's!^(\s*CustomLog)\s+\S+!\1 /dev/null!g' \
"/etc/apache2/apache2.conf"
"$HTTPD_CONF_FILE"
sed -ri \
-e 's!^(\s*CustomLog)\s+\S+!\1 /dev/null!g' \
"/etc/apache2/conf-available/other-vhosts-access-log.conf"
fi
: ${EXPOSE_WEB_SERVER_INFO:="on"}
if [ "${EXPOSE_WEB_SERVER_INFO}" = "off" ]; then
sed -i \
-e "s/^\(\s*ServerTokens\).*\$/\1 Prod/g" \
"$HTTPD_CONF_FILE"
else
EXPOSE_WEB_SERVER_INFO="on"
fi
export EXPOSE_WEB_SERVER_INFO=${EXPOSE_WEB_SERVER_INFO}
sed -i \
-e "s/^\(\s*ServerSignature\).*\$/\1 ${EXPOSE_WEB_SERVER_INFO^}/g" \
"$HTTPD_CONF_FILE"
}
#################################################