|Description:||Provides a comprehensive overview of the server configuration|
mod_info, add the following to your
Deny from all
Allow from yourcompany.com
Once configured, the server information is obtained by accessing
mod_info is loaded into the server, its handler capability is available in all configuration files, including per-directory files (e.g.,
.htaccess). This may have security-related ramifications for your site.
In particular, this module can leak sensitive information from the configuration directives of other Apache modules such as system paths, usernames/passwords, database names, etc. Therefore, this module should only be used in a controlled environment and always with caution.
You will probably want to use
mod_authz_host to limit access to your server configuration information.
# Allow access from server itself
Allow from 127.0.0.1
# Additionally, allow access from local workstation
Allow from 192.168.1.17
By default, the server information includes a list of all enabled modules, and for each module, a description of the directives understood by that module, the hooks implemented by that module, and the relevant directives from the current configuration.
Other views of the configuration information are available by appending a query to the
server-info request. For example,
http://your.host.example.com/server-info?config will show all configuration directives.
mod_info provides its information by reading the parsed configuration, rather than reading the original configuration file. There are a few limitations as a result of the way the parsed configuration tree is created:
<IfDefine>are not listed, but the included configuration directives are.
.htaccessfiles are not listed (since they do not form part of the permanent server configuration).
<Directory>are listed normally, but
mod_infocannot figure out the line number for the closing
|Description:||Adds additional information to the module information displayed by the server-info handler|
|Context:||server config, virtual host|
|Compatibility:||Apache 1.3 and above|
This allows the content of string to be shown as HTML interpreted, Additional Information for the module module-name. Example:
AddModuleInfo mod_deflate.c 'See <a \