Tuesday, February 18, 2014

Basic Security Tips to Hide Apache/PHP Version

1. Hide Apache Server Information

 
Setup ServerTokens Directive:

The ServerTokens directive controls whether the Server response header field sent back to clients includes the generic OS details.


The following options determine the value sent in the response. Choose one of them for your server. Apache does not allow a comment on the same line as a directive, so each comment sits on its own line.
 
# Server sends (e.g.): Server: Apache
ServerTokens Prod
# Server sends (e.g.): Server: Apache/2
ServerTokens Major


See the Apache documentation for more options to use with the ServerTokens directive.
 
Setup ServerSignature Directive

The ServerSignature directive configures the footer on server-generated documents. Edit the Apache configuration file, find the ServerSignature directive and update it.
 
ServerSignature  Off

 

2. Hide PHP Version

By default, a PHP installation tells the world that PHP is installed on the server by including the PHP version in an HTTP header (e.g., X-Powered-By: PHP/5.4.20).

To hide this value from the headers, edit php.ini and set the directive below to Off.
 
expose_php = Off

 

3. Restart Apache and Verify Changes


Restart Apache server to reload changes.

 
# service httpd restart


You have now made the necessary changes on your server. Run the command below again and compare the output with the earlier results.
 
 
# wget --server-response --spider http://wordpress.tecadmin.net

--18:22:20--  http://wordpress.tecadmin.net/
Resolving wordpress.tecadmin.net... 192.168.1.11
Connecting to wordpress.tecadmin.net|192.168.1.11|:80... connected.
HTTP request sent, awaiting response...
  HTTP/1.1 200 OK
  Date: Mon, 07 Oct 2013 07:45:18 GMT
  Server: Apache
  Connection: close
  Content-Type: text/html; charset=UTF-8
Length: unspecified [text/html]
200 OK 
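
To make the comparison repeatable, the following is an added example (not part of the original post) that reads response headers such as the wget output above and reports any Server or X-Powered-By value that still discloses version details. The function name check_headers and both sample header sets are constructed for illustration.

```shell
#!/bin/sh
# check_headers (hypothetical helper): reads raw response headers on stdin,
# prints one LEAK line per finding, returns 0 if clean and 1 otherwise.
# Live use (wget prints headers on stderr):
#   wget --server-response --spider http://example.test 2>&1 | check_headers
check_headers() {
    awk '
        {
            line = $0
            sub(/\r$/, "", line)          # tolerate CRLF line endings
            sub(/^[ \t]+/, "", line)      # wget indents header lines
            name = tolower(line); sub(/:.*/, "", name)
            value = line; sub(/^[^:]*:[ \t]*/, "", value)
        }
        # With ServerTokens Prod the value is the bare product name; a slash
        # or parenthesis means version or OS details are still being sent.
        name == "server" && (index(value, "/") || index(value, "(")) {
            print "LEAK Server: " value; bad = 1
        }
        # With expose_php = Off this header is absent altogether.
        name == "x-powered-by" {
            print "LEAK X-Powered-By: " value; bad = 1
        }
        END { exit bad + 0 }
    '
}

# Constructed sample headers: before and after applying the settings above.
BEFORE='  HTTP/1.1 200 OK
  Server: Apache/2.2.15 (CentOS)
  X-Powered-By: PHP/5.4.20
  Content-Type: text/html; charset=UTF-8'
AFTER='  HTTP/1.1 200 OK
  Server: Apache
  Content-Type: text/html; charset=UTF-8'

for sample in "$BEFORE" "$AFTER"; do
    if printf '%s\n' "$sample" | check_headers; then
        echo "OK: no version disclosure in headers"
    else
        echo "FAIL: headers still disclose version details"
    fi
done
```
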
 
 
http://httpd.apache.org/docs/2.2/mod/core.html#servertokens 
