You should hide apache banner information from being displayed so the attackers are not aware of what version of Apache version you are running and thus making it more difficult for them to exploit any system holes and thus making vulnerability scanners work harder and in some cases impossible without knowing banner information.
How To: Modify
/etc/httpd/conf/httpd.conf Change the ServerSignature line to:
ServerSignature Off Change the ServerTokens line to:
ServerTokens ProdRestart Apache: /sbin/service httpd restart
0 comments:
Post a Comment