Apache Security: Hide Apache Web Server Version number
Apache Web Server Version number with ServerSignature and ServerTokens directives
Open your httpd.conf file using text editor such as vi:
There are two config directives that controls Apache version. The ServerSignature directive adds a line containing the Apache HTTP Server server version and the ServerName to any server-generated documents, such as error messages sent back to clients. ServerSignature is set to on by default. The ServerTokens directive controls whether Server response header field which is sent back to clients includes a description of the generic OS-type of the server as well as information about compiled-in modules.
Append/modify config directive as follows:
ServerTokens Prod
Save and close the file. Restart Apache web server:
Leave a Reply
You must be logged in to post a comment.