3
In some tests found that the "server signature was on", I do not know what this is. What is and how can I turn off this "signature"? In security tests conducted recommend that I turn off this signature to preserve server security.
1 answer
4
It is the information that the HTTP server provides in some circumstances such as error pages and headers. This is not so critical as it only provides useful information for hackers.
You should add:
ServerSignature Off
ServerTokens Prod
to your configuration file, probably httpd.conf (some systems use apache2.conf).
Need to reload the file or restart the server.
You can see the before and after trying to access a non-existent page.
Although rare and probably won’t be your problem, this can cause some undesirable side effects when some software needs this information to make decisions.
Browser other questions tagged apache http server iis nginx
You are not signed in. Login or sign up in order to post.
Inform which operating system and web server you are using.
– Marco Antonio Quintal