Saturday, September 21, 2019

How to disable Web server version disclosure

On Debian, Ubuntu or Linux Mint:

$ sudo vi /etc/apache2/apache2.conf

On CentOS, Fedora, RHEL or Arch Linux:

$ sudo vi /etc/httpd/conf/httpd.conf

Add the following two lines at the end of Apache config file.

1
2
ServerSignature Off
ServerTokens Prod

Then restart web server to activate the change.

Ref: http://ask.xmodulo.com/turn-off-server-signature-apache-web-server.html

No comments:

Post a Comment