https://www.vultr.com

The Everywhere Cloud

Deploy an instance.
Accelerate your application.


Disable Web Server Signatures in FreeBSD


Hide server details from potential online threats in a few easy steps.

==========

1. Log in to "root". Regular users must be part of the "wheel" group in order to do this.

user@host: $ su -

2. Open the Apache main configuration file.

root@host: # ee /usr/local/etc/apache24/httpd.conf

3. Find and uncomment the following Apache directive.

# BEGIN CODE
# ...

Include etc/apache24/extra/httpd-default.conf
# Default config for the Apache web server.

# ...
# END CODE

4. Open the Apache default settings configuration file.

root@host: # ee /usr/local/etc/apache24/extra/httpd-default.conf

5. Find and modify the following Apache directives.

# BEGIN CODE
# ...

ServerTokens Prod
# "Prod" reduces Apache info sent by the server in its HTTP response header.

# ...

ServerSignature Off
# "Off" removes info on server, host, and port from error pages and other auto-generated docs.

# ...
# END CODE

6. Open the PHP configuration file.

root@host: # ee /usr/local/etc/php.ini

7. Find and modify the following PHP config.

; BEGIN CODE
; ...

expose_php = Off
; "Off" removes the PHP signature sent by the server in its HTTP response header.
; More info at https://php.net/expose-php

; ...
; END CODE

8. Restart the server.

root@host: # service apache24 restart

9. Log out from "root".

root@host: # exit

==========

For Debian-based Linux distributions, the process is similar but some file paths and commands are different as shown here.

==========

Comments

Popular posts from this blog

Enabling HTTPS in Home Assistant

Configuring the FreeBSD Firewall with IPFW

Running Home Assistant on FreeBSD Servers