From 22b57a9903a1232e2396d601f62cf3382645cf74 Mon Sep 17 00:00:00 2001
From: Jacques ROUSSEL <jacques0roussel@gmail.com>
Date: Fri, 24 Apr 2020 12:52:00 +0200
Subject: [PATCH] Disable expose_php and set ServerTokens ProductOnly in apache
 config to improve security

---
 Dockerfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 2f14ee7..4182951 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,9 @@ FROM php:7.3-apache
 LABEL maintainer="Andy Miller <rhuk@getgrav.org> (@rhukster)"
 
 # Enable Apache Rewrite + Expires Module
-RUN a2enmod rewrite expires
+RUN a2enmod rewrite expires && \
+    sed -i 's/ServerTokens OS/ServerTokens ProductOnly/g' \
+    /etc/apache2/conf-available/security.conf
 
 # Install dependencies
 RUN apt-get update && apt-get install -y --no-install-recommends \
@@ -38,6 +40,7 @@ RUN { \
     echo 'opcache.enable_cli=1'; \
     echo 'upload_max_filesize=128M'; \
     echo 'post_max_size=128M'; \
+    echo 'expose_php=off'; \
     } > /usr/local/etc/php/conf.d/php-recommended.ini
 
 RUN pecl install apcu \