LinuxHelps.com

A blog for Linux Lovers.

Posted by sibu on May 24, 2009

Hide Apache, PHP and kernel Version Details.

To hide the information, add the following two apache directives in Apache configuration file                    /etc/httpd/conf/httpd.conf

ServerTokens ProductOnly

ServerSignature Off

Now you need to restart your web server using the following command

#/etc/init.d/httpd restart

The ServerSignature appears on the bottom of pages generated by apache such as 404 pages, directory listings, etc.

The ServerTokens directive is used to determine what Apache will put in the Server HTTP response header. By setting it to Prod it sets the HTTP response header as follows:

Server: Apache

Hide PHP Version Details

If you want to hide the PHP version you need to edit the /etc/php4/apache/php.ini(For php4 users) file and /etc/php5/apache/php.ini (For php5 users)

Change the following option

expose_php On
to
expose_php Off

Now you need to restart your web server using the following command

#/etc/init.d/httpd restart

After making this change PHP will no longer add it’s signature to the web server header.

In order to hide the ‘kernel’ version, you need to compile a customo kernel. That’s the only way , as far as I know. There’s no setting to do this.

Add A Comment