To prevent those, who have sticky-fingers, of sniffing around, this is how to make the server “unisex”…
In the Apache’s
httpd.conf configuration file (or its included
*.conf files), change the following directives:
ServerTokens Prod ServerSignature Off
To remove the word “Apache” entirely, it is necessary to modify the source files, where the word is hard-coded, and recompile the server. Or, the same effect can be achieved using the
SecServerSignature directive. More info here.
In the PHP’s configuration file, i.e., the
php.ini, change the config as follows:
expose_php Off ; the following are default values for Production value display_errors = Off display_startup_errors = Off
Now, restart the Apache server.
Use the following command to test the web server’s identity:
wget -S -O - -q http://SERVER.DOMAIN.TLD > /dev/null