apache:harden_apache:hide_the_apache_version
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| apache:harden_apache:hide_the_apache_version [2023/07/17 08:36] – created peter | apache:harden_apache:hide_the_apache_version [2023/07/17 08:39] (current) – peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Apache - Harden Apache - Hide the Apache version ====== | ====== Apache - Harden Apache - Hide the Apache version ====== | ||
| + | |||
| + | Visit the web server in Firefox. | ||
| + | |||
| + | * Activate Firebug by clicking the Firebug icon on the top right side. | ||
| + | * If you check the HTTP response headers in Firebug, it will show the Apache version along with your operating system name and version. | ||
| + | |||
| + | To hide this information from browsers, make some changes in the Apache main configuration file. | ||
| + | |||
| + | Edit the httpd.conf file: | ||
| + | |||
| + | <code bash> | ||
| + | sudo vi / | ||
| + | </ | ||
| + | |||
| + | Add the following line at the end of file: | ||
| + | |||
| + | <file apache / | ||
| + | ServerSignature Off | ||
| + | ServerTokens Prod | ||
| + | </ | ||
| + | |||
| + | Save the file and restart the Apache service to reflect these changes: | ||
| + | |||
| + | <code bash> | ||
| + | sudo apachectl restart | ||
| + | </ | ||
| + | |||
| + | Now, open Firefox and access the web server. | ||
| + | |||
| + | * Check the HTTP response headers in Firebug, | ||
| + | * This should show the setting **ServerSignature** to Off has removed the version information from Server. | ||
apache/harden_apache/hide_the_apache_version.1689583001.txt.gz · Last modified: 2023/07/17 08:36 by peter