APACHE – ServerToken and X-Powered

Posted: February 21, 2011 in Debian, Freebsd

Secure your apache and php by hide information of it.

for debian / ubuntu

root@webserv# pico /etc/apache2/conf.d/security

ServerTokens Prod

ServerSignature Off

after that for php5

root@webserv#/etc/php5/apache2/php.ini

find expose_php and closed it (default is on)

expose_php off

root@webserv# /etc/init.d/apache2 restart

 

For freebsd

webserv# pico /usr/local/etc/apache22/httpd.conf

ServerTokens Prod
ServerSignature Off

after that for php5

webserv# pico /usr/local/etc/php.ini

find expose_php and closed it (default is on)

expose_php off

webserv#/usr/local/etc/rc.d/apache2 restart

 

 

 

Advertisements
Comments
  1. Arthur says:

    Thanks, just applied this on a FreeBSD box, works fine 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s