Web Agent :: Apache : httpd.conf - Indexes and Multiviews

Article Id: 50962

Status: Published

Updated On: 21-03-2018 06:11

Legacy Id: TEC531291

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

Description:

We have noticed that by configuring Apache for Web Agent, SiteMinder adds the following options in the httpd.conf.

Indexes MultiViews

to the directories section.

Example:

 Alias /siteminderagent/pwcgi/ "/opt/CA/webagent/pw/"   
   <Directory "/opt/CA/webagent/pw/">   
     Options Indexes MultiViews ExecCGI   
   AllowOverride None   
     Order allow,deny   
   Allow from all   
 </Directory>

Those are recognized as a weakness in the security of the Apache server. Could I disable both safely as

-Indexes -MultiViews

in my httpd.conf ?

Solution:

Yes. You can disable them. They won't harm the behavior of the Web Agent.

Environment:

Release:
Component: SMAPC