enterprise-support team mailing list archive

Thread
Date

Re: [Question #708558]: link in default index.html should be HTTPS

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Manfred Hampl <question708558@xxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 28 Nov 2023 08:15:37 -0000
Reply-to: question708558@xxxxxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Question #708558 on apache2 in Ubuntu changed:
https://answers.launchpad.net/ubuntu/+source/apache2/+question/708558

    Status: Open => Answered

Manfred Hampl proposed the following answer:
That page mentions "Ubuntu", so it's for sure an Ubuntu-provided
addition, and the right addressee for a change request is apache2 on
Ubuntu. I suggest that you create a bug report.

Remarks:
1. The contents of the file state: "You should <b>replace this file</b> (located at <tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server."
If you are eager to have a safe setup, why haven't you already done this?

2. As far as I can see the current Debian version has the same weakness. In Debian's index.html I see
"By default, Debian does not allow access through the web browser ...
... href="http://httpd.apache.org/docs/2.4/mod/mod_userdir.html"; ..."
So It does make sense to create a similar bug report also in Debian's bug tracker for the version in Debian.

-- 
You received this question notification because your team Ubuntu
Server/Client Support Team is an answer contact for apache2 in Ubuntu.