[Dshield] Apache version

Brian Dessent brian at dessent.net
Mon Jul 7 04:09:33 GMT 2003


Nguyen Nhu Hao wrote:
> 
> Dear all,
> I install Apache on my Linux box and I regconize that apache daeman usually
> tells its version when I telnet to port 80. I don't like that because
> hackers use this data to attack my box. Anyone help me how to configure
> apache not show its version.

Security by obscurity is not good security.  This will not protect you
from hackers, but it will give you a false sense of security.

If you insist on doing this:
http://httpd.apache.org/docs/mod/core.html#servertokens

Brian




More information about the list mailing list