https://www.vultr.com

The Everywhere Cloud

Deploy an instance.
Accelerate your application.


Disable Web Server Signatures in Debian-based Linux


Hide server details from potential online threats in a few easy steps.

==========

1. Open the Apache security configuration file.

user@host: $ sudo nano /etc/apache2/conf-enabled/security.conf

2. Find and modify the following Apache directives.

# BEGIN CODE
# ...

ServerTokens Prod
# "Prod" reduces Apache info sent by the server in its HTTP response header.

# ...

ServerSignature Off
# "Off" removes info on server, host, and port from error pages and other auto-generated docs.

# ...
# END CODE

3. List the PHP "x.y" versions available and open the configuration file of the appropriate version.

user@host: $ ls -lha /etc/php
user@host: $ sudo nano /etc/php/x.y/apache2/php.ini

4. Find and modify the following PHP config.

; BEGIN CODE
; ...

expose_php = Off
; "Off" removes the PHP signature sent by the server in its HTTP response header.
; More info at https://php.net/expose-php

; ...
; END CODE

5. Restart the server.

user@host: $ sudo /etc/init.d/apache2 restart

==========

Comments

Popular posts from this blog

Enabling HTTPS in Home Assistant

Configuring the FreeBSD Firewall with IPFW

Running Home Assistant on FreeBSD Servers