Hello,
When using no index, for directories/files browsing, apache adds at the end of the page its version number and main server name (ex: Apache/2.0.52 (Red Hat) Server at my.servername.com Port 80).
The best way for hackers to search for victims once a security hole is disclosed, is to look for apache signature to find a vulnerable server.
This is why I want to remove the complete apache signature at the end of each page generated by Apache, or even better, change it in order to deceive hackers (make it "SomeHTTP Server v1.0").
Is there a way to do this without having to recompile any code ?
Thanks !!
When using no index, for directories/files browsing, apache adds at the end of the page its version number and main server name (ex: Apache/2.0.52 (Red Hat) Server at my.servername.com Port 80).
The best way for hackers to search for victims once a security hole is disclosed, is to look for apache signature to find a vulnerable server.
This is why I want to remove the complete apache signature at the end of each page generated by Apache, or even better, change it in order to deceive hackers (make it "SomeHTTP Server v1.0").
Is there a way to do this without having to recompile any code ?
Thanks !!