Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Apache web page optimization-hide the version number

2025-04-09 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/02 Report--

(the environment of this article is based on Apache web page optimization series)

Overview

The version information of Apache reveals the fixed vulnerability information, which brings security risks to the website. if you want to configure Apache hidden version information in the production environment, you can use Fiddler package grabbing tool to analyze.

Configure Apache to hide version information 1. Change the main configuration file httpd. Conf the following line comments are removed from # Include conf/extra/httpd-default.conf2. Modify httpd-default. The conf file has two places where 3.Server Tokens Full is modified to Server Tokens Prod4. Modify ServersSignature On to ServersSignature Off5. Restart the httpd service, visit the website, grab the package test example demonstration

1. Open a Win10 client and grab the package using the fiddler tool. You can initially know the Apache version information on the server side.

two。 Modify the Apache main configuration file

[root@localhost bin] # vim / usr/local/httpd/conf/httpd.conf// Edit main configuration file 496 Include conf/extra/httpd-default.conf// delete the # before line 496 of the file to enable the default function

3. Modify the Apache extension configuration file and restart the service

[root@localhost bin] # vim / usr/local/httpd/conf/extra/httpd-default.conf / / Edit extended configuration file 55 ServerTokens Prod// replace Full at the end of line 55 with Prod65 ServerSignature Off//, replace on at the end of line 65 with Off [root@localhost bin] #. / apachectl stop// stop Apache service [root@localhost bin] #. / apachectl start// start Apache service

4. When you go back to the client to refresh the web page and re-grab the package tool test, you can see that the version information of Apache has been hidden.

-Thank you for reading-

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Files configurations information versions services tools web pages customers clients environments websites tests security two functions places instances comments vulnerabilities end vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple MariaDB Apple NVidia MySQL vpn Microsoft OPPO Reno Shulou Technology Docker Linux Redmi Huawei Xiaomi Shulou Information Shulou Tech Info macOS MariaDB Apple NVidia MySQL vpn Microsoft OPPO Reno Shulou Technology Docker Linux Redmi Huawei Xiaomi Shulou Information Shulou Tech Info macOS

Share To

Related

Servers

More Servers >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report