From ef7ac8c4d2e5988dc28dac7af96806b3b4725259 Mon Sep 17 00:00:00 2001
From: Pekka Helenius <fincer89@hotmail.com>
Date: Fri, 21 Sep 2018 16:16:27 +0300
Subject: [PATCH] Add patch: Apache - disable additional errormsg

---
 .../patch_apache_disable_additional_errormsg  | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 patches/patch_apache_disable_additional_errormsg

diff --git a/patches/patch_apache_disable_additional_errormsg b/patches/patch_apache_disable_additional_errormsg
new file mode 100644
index 0000000..c865653
--- /dev/null
+++ b/patches/patch_apache_disable_additional_errormsg
@@ -0,0 +1,23 @@
+Author: Pekka Helenius (~Fincer), 2018
+
+Patch: Remove additional error string from Apache server HTTP-based HTML output message. Especially, do not give any clear hints about existence of Apache ErrorDocument parameter to the client.
+
+This patch is useful for obfuscating server identity to a client but can bury underneath problems in server configuration and thus hamper debugging of errors which are based on HTTP return codes. Thus, use discretion before implementing the patch in your Apache server configuration.
+
+--- a/modules/http/http_protocol.c
++++ b/modules/http/http_protocol.c
+@@ -1542,12 +1542,12 @@ AP_DECLARE(void) ap_send_error_response(
+                                  get_canned_error_string(status, r, location),
+                                  NULL);
+ 
+-        if (recursive_error) {
++        /*if (recursive_error) {
+             ap_rvputs_proto_in_ascii(r, "<p>Additionally, a ",
+                       status_lines[ap_index_of_response(recursive_error)],
+                       "\nerror was encountered while trying to use an "
+                       "ErrorDocument to handle the request.</p>\n", NULL);
+-        }
++        }*/
+         ap_rvputs_proto_in_ascii(r, ap_psignature("<hr>\n", r), NULL);
+         ap_rvputs_proto_in_ascii(r, "</body></html>\n", NULL);
+     }