Hiding APACHE version from Hackers !!
Continuing the same flavor of hiding the sendmail version.
This is another feather in the same cap. Here I am going to show you –
How to hide your APACHE version !!
This is a very useful HACK to protect your web-server from potential hackers.
The Problem # Anyone who is well versed with Linux can find out the version of your apache server by simply doing a telnet to your server on port 80, as shown:
HEAD / HTTP / 1.0 <enter><enter>
after doing the telnet
Now this can be very dangerous !!
Now lets harden our apace server by hiding the version to the world.
Open the /etc/httpd/conf/httpd.conf, find and edit the following parameters
ServerSignature on to ServerSignature offServerTokens OS to ServerTokens Prod
Now save and exit and restart your apache service.
service httpd restart
Now if someone now tries to find the version of apache using the previous telnet method, he will get this :
Enjoy your Edge!!