Apache2: Disable server signature/banner

by admin on May.11, 2011, under Linux (Ubuntu)

In order to secure your apache web server you should remove the server signature. It is displayed at the bottom of the page whenever a user lists a directory of your web server and it contains some useful information for hackers (for instance the underlying OS, the apache version and similar details).

First of all you should navigate to /etc/apache2
This folder contains your web servers configuration files. You should see the following two files there: apache2.conf and httpd.conf
If the file size of httpd.conf is equal 0 (zero), open apache2.conf with your favourite text-editor.

Now apply the following line at the end of the file:

ServerSignature Off

Save the file and close it.

Finally execute:

/etc/init.d/apache2 reload

to reload the server’s configuration files.

2 Comments for this entry

cornernote
November 27th, 2013 on 06:00
In apache 12.04 LTS it’s best to do it here:
/etc/apache2/conf.d/security
Tony
October 31st, 2014 on 11:56
Very nice, if you need to remove the hole signature, also only the “Apache” string, check this out: http://docs.homelinux.org/apache:remove_server_header_field

RSS feed for this post (comments) TrackBack URI

Welcome
This blog was designed to be filled with articles related to some of our more recent projects, macOS and linux guides (particularly Debian), coding and plenty of other topics.
Navigator:

News

Gaming

Programming

Money

SMS

Linux

Photoshop

Reverse_Engineering