Home / PCI Compliance / Disable ETags

Disable ETags

PCI Compliance,  Plesk 0

To alleviate security risks arising from disclosure of information about files and their properties by Apache Web server, disable FileETag directive. For PCI Compliance it is required to disable ETags

Create a file at /etc/httpd/conf.d/no-etags.conf with the following:

Header unset ETag
FileETag None

Then of course restart Apache.

http://httpd.apache.org/docs/2.2/mod/core.html#FileETag

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  •  
    Previous Post

    How to verify matching private key with a certificate

  •  
    Next Post

    Eximstats too large