Remove Version Signature From Apache

From banana_wiki
Revision as of 15:30, 10 April 2014 by Bananafish (talk | contribs) (Created page with "Nobody should display their version and other sensitive information that Apache shows on directory listings and errors by default. To remove the signature that displays this ...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Nobody should display their version and other sensitive information that Apache shows on directory listings and errors by default.

To remove the signature that displays this senstive info like version number we just have to:

nano /etc/apache2/conf.d/security

And comment out

#ServerSignature On
#ServerTokens OS

And then paste in

ServerSignature Off
ServerTokens Prod

Then restart apache

/etc/init.d/apache2 restart