Home » Centos/RHEL » Apache » How to Secrete Apache Header Information

How to Secrete Apache Header Information

Web servers frequently transmit server information by default. It’s include information such as the operating system and version, which web server you are running Apache, Nginx, IIS etc. and in some time web server modules installed.
This information is stored in http headers, and sent together with every web page request made by a web client. So this information is destructive for your server security.
Apache have few directives which are useful to hide apache header information.
You need to open apache configuration fine and append the followings line.

ServerSignature Off
ServerTokens ProductOnly
TraceEnable Off

Furthermore, we can use following directives in the httpd.conf as well.

<IfModule mod_headers.c>
Header unset Server
Header unset X-Powered-By
</IfModule>

Moreover use the following variable in modsecurity.conf file
SecServerSignature ” ” ## add this

Enjoy!

About

I am founder and webmaster of www.linuxpcfix.com and working as a Sr. Linux Administrator (Expertise on Linux/Unix & Cloud Server) and have been in the industry from last 7 years.

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*

Time limit is exhausted. Please reload the CAPTCHA.

Categorized Tag Cloud