In this tutorial we’ll learn how to hide server signature on apache web server. We will also install and configure its prerequisites. Server Signature is an important piece of information about your server and operating system. i.e. suppose, you are using an Apache server with CentOS operating system. The version number of Apache Server and Operating System information will be displayed in Server Signature.
I would recommend you to hide all sensitive Server Signature Information by disabling it. You can edit Apache configuration file or edit the Htaccess files, in order to minimize risk and to strengthen your system.
Hide Server Signature on Apache Web Server
Step 1. First, ensure your system and apt package lists are fully up-to-date by running the following:
apt-get update -y
Step 2. Disable Apache server signature
To hide web server version number, server operating system details, installed Apache modules and more, open your Apache web server configuration file using your favorite editor:
sudo nano /etc/apache2/apache2.conf #Debian/Ubuntu systems sudo nano /etc/httpd/conf/httpd.conf #RHEL/CentOS systems
And add/modify/append the lines below:
ServerTokens Prod ServerSignature Off
After you add those lines, and reload apache:
sudo systemctl restart httpd
The results should look like this:
HTTP/1.1 200 OK Date: Fri, 20 Nov 2017 12:20:30 GMT Server: Apache/2.2.4 (Ubuntu) PHP/5.2.3-1ubuntu6.4 X-Powered-By: PHP/5.2.3-1ubuntu6.4 Connection: close Content-Type: text/html; charset=UTF-8
HTTP/1.1 200 OK Date: Fri, 20 Nov 2017 13:06:21 GMT Server: Apache Connection: close Content-Type: text/html; charset=UTF-8
Congratulation’s! You have successfully disable Apache server signature on your CentOS server. Thanks for using this tutorial for installing hide server signature on apache web server on CentOS system.