How to hide Apache Version and OS Identity from Errors
By default Apache displays the version of Apache web server installed on server together with the Operating system name of server in Errors. It also shows the information about Apache modules installed in server. This can be a major security threat to web server as well as Linux box too. To prevent Apache to not to display these information to the world, we need to make some changes in Apache main configuration file.
Open configuration file with vim editor and search for “ServerSignature“, its by default On. We need to Off these server signature and the second line “ServerTokens Prod” tells Apache to return only Apache as product in the server response header on the every page request, It suppress the OS, major and minor version info.
# vim /etc/httpd/conf/httpd.conf (RHEL/CentOS/Fedora) # vim /etc/apache/apache2.conf (Debian/Ubuntu)
View original post 2 164 mots de plus