puppetlabs-apache

forensics module should not be installed by default

Open juliantaylor opened this issue 1 year ago • 1 comments

Describe the Bug

In https://github.com/puppetlabs/puppetlabs-apache/pull/2442 the forensics module was added to the relatively small set of default installed plugins, but there wasn't a clear rationale given why. The "hack" needed to enable it is the same as for all plugins, e.g.

class { 'apache::mod::forensics': }
# or via hiera defined classes lookup('classes', Array[String], 'unique').include
classes:
  - apache::mod::forensics

As the forensics module does not appear to be a particularly commonly used module, it should not be in the default set unconditionally: https://github.com/puppetlabs/puppetlabs-apache/blob/main/manifests/default_mods.pp#L123

If I am mistaken in this assumption, please instead add a clearer rationale for why it is added as a source code comment to avoid confusion in the future.

Expected Behavior

The default configuration installs the minimal needed set of plugins or at least allows disabling this optional one.

juliantaylor Oct 21 '24 08:10

I am surprised to see this change as well, especially since this module has some Security Considerations:

The log files may contain sensitive data such as the contents of Authorization: headers (which can contain passwords)

Unless I missed something, it's not so easy to get rid of a module declared via apache::default_mods. I'll have to set apache::default_mods::all: false and now declare all mods individually.

I'll support this, that there should be either a good reason to enable it by default or it should be removed.

stdietrich Apr 28 '25 06:04
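To check whether the exposure quoted in the comment above already applies on a host where the module got enabled, the following added example (not part of the issue or of puppetlabs-apache) audits a forensic log for credential-bearing headers without printing their values. It assumes the line format documented for mod_log_forensic (`+id|request line|Header:value|...` at request start, `-id` at completion); the function name and the sample log are constructed for illustration.

```python
# Headers whose values should never sit in a world- or group-readable log.
SENSITIVE = {"authorization", "proxy-authorization", "cookie"}

# Constructed sample in mod_log_forensic format (not real traffic).
SAMPLE_LOG = """\
+aaa111|GET /index.html HTTP/1.1|Host:www.example.test|User-Agent:curl/8.0|Accept:*/*
-aaa111
+bbb222|GET /admin HTTP/1.1|Host:www.example.test|Authorization:Basic ZGVtbzpkZW1v|Accept:*/*
-bbb222
+ccc333|POST /login HTTP/1.1|Host:www.example.test%3a8080|Cookie:session=constructed|Content-Length:12
"""


def audit_forensic_log(text):
    """Return (findings, unfinished_ids).

    findings: (line number, forensic id, header name) for every sensitive
    header logged; the header value is deliberately never kept.
    unfinished_ids: ids with a '+' start line but no matching '-' line.
    """
    findings = []
    open_ids = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.startswith("+"):
            fields = line[1:].split("|")
            req_id = fields[0]
            open_ids[req_id] = lineno
            # fields[1] is the request line; the rest are Header:value pairs.
            for field in fields[2:]:
                name, sep, _value = field.partition(":")
                if sep and name.strip().lower() in SENSITIVE:
                    findings.append((lineno, req_id, name.strip()))
        elif line.startswith("-"):
            open_ids.pop(line[1:].strip(), None)
    return findings, sorted(open_ids)


if __name__ == "__main__":
    found, unfinished = audit_forensic_log(SAMPLE_LOG)
    for lineno, req_id, header in found:
        print(f"line {lineno}: request {req_id} logged a {header} header")
    print("requests without completion marker:", unfinished)
```

Any finding means the log file needs the same access controls and retention handling as a credential store.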