Remove Version Signature From Apache

From banana_wiki
Jump to: navigation, search

Nobody should display their version and other sensitive information that Apache shows on directory listings and errors by default.

To remove the signature that displays this senstive info like version number we just have to:

nano /etc/apache2/conf.d/security

And comment out

#ServerSignature On
#ServerTokens OS

And then paste in

ServerSignature Off
ServerTokens Prod

Then restart apache

/etc/init.d/apache2 restart