Kurinchi Blogger Scribbles …


Posts Tagged ‘ServerTokens’

Aug 08
2009

How to hide Apache version, Modules loaded, PHP Version?

Last updated: August 4th, 2009

It is often advisable not to disclose information than is necessary when web request are made to Apache server.

By default, Apache displays the version of the server, modules loaded in the server and the version of PHP if PHP is configured with Apache.

In httpd.conf file, set the following directives.

ServerSignature Off
ServerTokens ProductOnly

By default, ServerSignature is set to Off and ServerTokens is set to Full in most Linux distros.


Valid HTML 4.01 Strict  Valid HTML 4.01 Strict