For security reasons, you will want to disable Apache and PHP signature (versions) in external facing sites. When signature is not hidden you will see headers like
*************
To hide the signatures, you can make the following changes in your apache's httpd.conf and php.ini file
httpd.conf
**************
ServerSignature Off
ServerTokens Prod
TraceEnable Off
**************
php.ini
**************
expose_php = Off
**************
After the above changes, you will have to restart your httpd server.
*************
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Oct 2014 19:35:43 GMT
Pragma: no-cache
Server: Apache/2.4.9 (Unix) PHP/5.5.11
X-Powered-By: PHP/5.5.11
*************To hide the signatures, you can make the following changes in your apache's httpd.conf and php.ini file
httpd.conf
**************
ServerSignature Off
ServerTokens Prod
TraceEnable Off
**************
php.ini
**************
expose_php = Off
**************
After the above changes, you will have to restart your httpd server.
No comments:
Post a Comment