How To Remove Server Name From Apache Response Header
the HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and languages used by the web server.
- ServerSignature Off: This directive hides the server version and OS details on server-generated pages like error messages.
- ServerTokens Prod: Limits the information returned in the Server HTTP header to only the word Apache, preventing exposure of the exact version number or OS details.
- SetOutputFilter DEFLATE: Enables output compression using mod_deflate, which reduces the size of the data sent to the client and improves loading times.
we can remove server name from Apache response header by:
- Open Apache Config File
go to xampp\apache\conf\ httpd.conf
open and edit the code to hide server information in Apache as below:
# Disable the server signature (hides server version details) ServerSignature Off # Show only minimal information about the server version ServerTokens Prod # Enable compression to improve website performance SetOutputFilter DEFLATE
- or locate .htaccess file (for wordpress)
open .htaccess file and edit it by adding code as below:
# Disable the server signature (hides server version details) ServerSignature Off # Show only minimal information about the server version ServerTokens Prod # Enable compression to improve website performance SetOutputFilter DEFLATE
- Restart Apache Server
Restart Apache via the XAMPP control panel to apply the changes.
Category :
Tags :
Share this Article!
