Differences

This shows you the differences between two versions of the page.

--- apache:harden_apache [2020/07/15 09:30] – external edit 127.0.0.1
+++ apache:harden_apache [2023/07/17 11:20] (current) – peter
@@ Line 1: / Line 1: @@
 ====== Apache - Harden Apache ======
-===== Hide the Apache version =====
+[[Apache:Harden Apache:Hide the Apache version|Hide the Apache version]]
-Visit your web server in Firefox.  Activate Firebug by clicking the Firebug icon on the top right side.
+[[Apache:Harden Apache:Hide web server version from appearing in http header|Hide web server version from appearing in http header]]
-If you check the HTTP response headers in Firebug, it will show the Apache version along with your operating system name and version.
+[[Apache:Harden Apache:Remove default Apache files|Remove default Apache files]]
-To hide this information from browsers, you will need to make some changes in Apache's main configuration file.
+[[Apache:Harden Apache:Restrict Apache Information Leakage|Restrict Apache Information Leakage]]
-You can do this by editing the httpd.conf file:
+[[Apache:Harden Apache:Use .htaccess to hard-block spiders and crawlers|Use .htaccess to hard-block spiders and crawlers]]
-<code bash>
+----
-sudo vi /etc/apache/apache2.conf
-</code>
-Add the following line at the end of file:
+Chroot
-<file apache /etc/apache/apache2.conf>
-ServerSignature Off
-ServerTokens Prod
-</file>
-Save the file and restart the Apache service to reflect these changes:
-<code bash>
-sudo apachectl restart
-</code>
-Now, open Firefox and access your web server.  Check the HTTP response headers in Firebug, You should see that setting ServerSignature to Off has removed the version information from Server.
+----
+[[Apache:Use .htaccess to hard-block spiders and crawlers|Use .htaccess to hard-block spiders and crawlers]]