Hide Apache ServerSignature / ServerTokens / PHP X-Powered-By

By default almost all Apache installation shows sensitive server information with Apache version number, server operating system details, installed Apache modules, PHP-version and so on. Attackers can use this information when performing attacks. Some examples howto check server information that Apache sends Error page Use lynx $ lynx -head -mime_header http://www.ubuntu.com HTTP/1.0 200 OK Date: Fri, 20 Nov 2009 09:25:46 GMT Server: Apache/2.2.8 (Ubuntu)...
Exit mobile version