From 18f9bc8c2804098ebf7436eeb8c47c1d65cf2ace Mon Sep 17 00:00:00 2001
From: James Valleroy <jvalleroy@mailbox.org>
Date: Wed, 26 Aug 2020 09:40:36 -0400
Subject: [PATCH] apache: Disable mod_status

Prevent leaking private info through Tor onion service or Pagekite.

Based on 822c322d20d12f81c6cfca47b66f900542a5aac2.

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
---
 actions/apache | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/actions/apache b/actions/apache
index 6ebb4fbc3..fb8553076 100755
--- a/actions/apache
+++ b/actions/apache
@@ -122,6 +122,9 @@ def subcommand_setup(arguments):
         webserver.enable('proxy_fcgi', kind='module')
         webserver.enable('rewrite', kind='module')
 
+        # Disable /server-status page to avoid leaking private info.
+        webserver.disable('status', kind='module')
+
         # switch to mod_ssl from mod_gnutls
         webserver.disable('gnutls', kind='module')
         webserver.enable('ssl', kind='module')