Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Turning off your apache version number
#1

Some people may check your server by trying to find 404 not founds in which your apache version is displayed. Here is how you turn it off.

 

pico -w /etc/httpd/conf/httpd.conf (or wherever your httpd.conf is located)

 

ctrl - w and put in 'ServerSignature'

 

change

 



Code:
ServerSignature On




 

to

 



Code:
ServerSignature Off




 

service httpd restart

 

and your Apache 1.3.31 is now gone.

 

Cheers.

Reply
#2

And some users may try and telnet to the host and see the HTTP response header, e.g

Code:
[seeno@seeno seeno]$ telnet qualitynet.net 80
Trying 195.226.224.91...
Connected to www.qualitynet.net (195.226.224.91).
Escape character is '^]'.
GET / HTTP/1.1

HTTP/1.1 400 Bad Request
Date: Fri, 09 Jul 2004 21:43:19 GMT
Server: Apache/1.3.31 (Unix) PHP/4.3.7 <<<----
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1




here's a trick that will show only 'Apache' as the Server, in httpd.conf change

Code:
ServerTokens OS


to

Code:
ServerTokens Prod


or add it if it's not already there and restart the server. :)

Reply
#3
vandal and seeno two good tips thinks ;)
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)