Removing Apache Header

Some third party scanners gives a warning about having the Apache server name to be public. One of the main reasons to hide this is to give hackers a hard time to guess what web servers you are using. Giving out your Apache version and your OS can let hackers quickly search your server for known vulnerabilities.

edit:

/etc/httpd/conf/httpd.conf

#Change the following
ServerSignature On

#to

ServerSignature Off

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.