General discussion

Locked

Response from Apache and FC3

By ngc4013 ·
When a computer is scanned for vulnerabilities is there a way to alter the servers response so that both Apache and it's version, and FC3 are not provided in the response?

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by Jaqui In reply to Response from Apache and ...

in apache's configuration
you have full none all settings on server response messages.
read both http.conf and httpcommon.conf

as it's in one of those files.

Collapse -

by Jaqui In reply to

commonhttpd.conf
the sections are here, in default:
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Full

#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (error documents, FTP directory listings,
# mod_status and mod_info output etc., but not CGI generated documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature On

Collapse -

by ngc4013 In reply to

Poster rated this answer.

Collapse -

by ngc4013 In reply to Response from Apache and ...

This question was closed by the author

Back to Linux Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums