What is it with website operators who think that if it doesn’t have a “www” in front of it, it’s not a website?
I mean, how hard is it to replace:
ServerName www.froufrou.net
with:
ServerName froufrou.net
ServerAlias www.froufrou.net
?
I mean it’s not like they’re running Insecure Information Services or something. It can’t be that hard to do.
Of course, mind you, they are running a version of Apache with known security holes, a version of PHP with known security holes, and a version of OpenSSL with known security holes.