Apache – Turn off server signature

Hard-Disk-Server-iconHaving your server include a signature at the end of a web page can be a security risk. So turn off server signature before someone target your server. They will easily know what web server version and operating system you are using. And then use that information to search for exploits spesific to your version. So we better leave it out.Screen Shot 2015-06-06 at 11.41.35






By typing in a page we know doesn’t exist, for provoking a 404 page to display, we will here see Apache version, and that we are using Debian.

On a Debian based Linux distro (Ubuntu, Linux Mint, Etc) we open this file: /etc/apache2/apache2.conf
On a Red Hat based distro (Centos, Fedora, Arch) open this file: /etc/httpd/con/httpd.conf

Add these two lines to the end of the config:
ServerSignature Off
ServerTokens Prod

ServerSignature turns the signature off, but you still need to include the ServerTokens. It will still display the server signature if you dont include it.

You will need to restart the server to make your changes take effect.
Debian based: service apache2 restart
Red Hat/Centos: service httpd restart

Screen Shot 2015-06-06 at 11.46.51

Your web server signature should now be hidden. And this was how to turn off server signature on a Apache webserver.

Happy safe serving!

About Author

Related Posts

php8 gd

PHP8 gd Activate after installation

PHP8 GD activate after installation. GD doesn’t get activated by default. Not even a reboot after installation will activate it. So how do we do it? In…

wordpress page not found

WordPress page not found after changing permalinks

Permalinks are a critical aspect of a WordPress website’s structure, providing user-friendly URLs that enhance both SEO and user experience. However, occasionally, WordPress users encounter permalink issues…

Debian 12: linux-image-6.1.0-10amd64

Troubleshooting dependency issues in Debian 12: Resolving linux-image-6.1.0-10amd64 package dependency problems. If you installed the Debian 12 from the live image the issue is the raspi-firmware. Even…

4 Best Free Nas Software That Is Open Source

Free NAS software or operating systems that are free to use and will turn a computer into a NAS more advanced than the dedicated boxes sold. What…

Raspbian default password

Raspbian default password

Looking for the Raspbian default password? It is the most essential username and password that you will need for your raspberry. At least if you are running…

OpenMediaVault default password

OpenMediaVault default password

OpenMediaVault default password is printed in the documentation. I did not see it the first time I installed it either. So I had to do some detective…

Leave a Reply