tag: Security through obscurity

Apache Remove Server Signature

21 Mar, 2012 - 1 minutes
Apache’s signature is the small block of text identifiying the running version of Apache, OS Running and modules installed. Example of a server signature: Apache/2.2.16 (Debian) PHP/5.3.10-1 Server at nationpigeon.com Port 80 To remove this you need to edit “/etc/apache2/conf.d/security” to show “ServerSignature Off". You might want to play around with ServerTokens which limits the amount of infromation returned in the server HTTP header.