How To Remove Server Name From Apache Response Header

How To Remove Server Name From Apache Response Header

the HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and languages used by the web server.

  • ServerSignature Off: This directive hides the server version and OS details on server-generated pages like error messages.
  • ServerTokens Prod: Limits the information returned in the Server HTTP header to only the word Apache, preventing exposure of the exact version number or OS details.
  • SetOutputFilter DEFLATE: Enables output compression using mod_deflate, which reduces the size of the data sent to the client and improves loading times.

we can remove server name from Apache response header by:

  1. Open Apache Config File

    go to xampp\apache\conf\ httpd.conf 

    open and edit the code to hide server information in Apache as below:

    # Disable the server signature (hides server version details)
    ServerSignature Off
    # Show only minimal information about the server version
    ServerTokens Prod
    # Enable compression to improve website performance
    SetOutputFilter DEFLATE

  2. or locate .htaccess file (for wordpress)

    open .htaccess file and edit it by adding code as below:

    # Disable the server signature (hides server version details)
    ServerSignature Off
    # Show only minimal information about the server version
    ServerTokens Prod
    # Enable compression to improve website performance
    SetOutputFilter DEFLATE
  3. Restart Apache Server

    Restart Apache via the XAMPP control panel to apply the changes.

Category :


Tags :



Share this Article!

You may like this
See All