Hiding APACHE version from Hackers !!

Continuing the same flavor of hiding the sendmail version.
This is another feather in the same cap. Here I am going to show you –
How to hide your APACHE version !!
This is a very useful HACK to protect your web-server from potential hackers.
The Problem # Anyone who is well versed with Linux can find out the version of your apache server by simply doing a telnet to your server on port 80, as shown:
Just give-
HEAD / HTTP / 1.0 <enter>
<enter>
after doing the telnet

Using telnet to get APACHE version

Now this can be very dangerous !!
Now lets harden our apace server by hiding the version to the world.
Open the /etc/httpd/conf/httpd.conf, find and edit the following parameters
ServerSignature on to ServerSignature off
ServerTokens OS to ServerTokens Prod
Now save and exit and restart your apache service.
service httpd restart
Now if someone now tries to find the version of apache using the previous telnet method, he will get this :

Secured Apache by hiding its version

Happy
Enjoy your Edge!!
God Bless.
Advertisements