Disable ETags

To alleviate security risks arising from disclosure of information about files and their properties by Apache Web server, disable FileETag directive. For PCI Compliance it is required to disable ETags

Create a file at /etc/httpd/conf.d/no-etags.conf with the following:

Header unset ETag
FileETag None

Then of course restart Apache.

http://httpd.apache.org/docs/2.2/mod/core.html#FileETag

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.