apache tutorial - How to Secure Apache Web Server | Hiding Apache version and OS information - apache - apache web server - apache server - apache2
- Securing your web server is very important, it means allowing others to see only the intended information & protecting your data and restricting access.
- These are common things that enhance your Apache web servers’ security.
Hiding Apache version and OS information:
- Apache displays its version and the name of the operating system in errors as shown in below screenshot.
Learn Apache - Apache tutorial - Hiding Apache version and OS information - Apache examples - Apache programs
- A hacker can use this information to launch an attack using the publicly available vulnerabilities in the particular version of the server or OS.
- In order to prevent Apache webserverfromdisplaying this information, we have to modify
- “server signature” option available in the apache configuration file. By default, it is “on”, we need to set it “off”.
- We have also set “ServerTokens Prod” that tells the web server to return only apache and suppress the OS major and minor version
- After modifying the configuration file, you have to restart/reload your apache web server to make it effective.
Learn Apache - Apache tutorial - Hiding Apache version - Apache examples - Apache programs