Building Static Site: Security(Updating)
Hide Version Number and Other Sensitive Info
- Modify ServerTokens to be prod - packet header
ServerTokens Prod[uctOnly]
Info sent to clients: Server: Apache
- Hide ServerSignature - 404 pages
Steps
$ sudo vim /etc/apache2/apache2.conf #Debian/Ubuntu systems
$ sudo vim /etc/httpd/conf/httpd.conf #RHEL/CentOS systems
Add/modify/append the lines below:
ServerTokens Prod
ServerSignature Off
$ sudo systemctl restart apache2 #SystemD
$ sudo service apache2 restart #SysVInit