the HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and languages used by the web server. <ul> <li><strong>ServerSignature Off:</strong> This directive hides the server version and OS details on server-generated pages like error messages.</li> <li><strong>ServerTokens Prod:</strong> Limits the information returned in the Server HTTP header to only the word Apache, preventing exposure of the exact version number or OS details.</li> <li><strong>SetOutputFilter DEFLATE:</strong> Enables output compression using mod_deflate, which reduces the size of the data sent to the client and improves loading times.</li> </ul> we can remove server name from Apache response header by: <ol> <li>Open Apache Config File go to <strong>xampp\apache\conf\ httpd.conf </strong> <strong>open and edit the code</strong> to hide server information in Apache as below: <div class="hcb_wrap"> <pre># Disable the server signature (hides server version details) ServerSignature Off # Show only minimal information about the server version ServerTokens Prod # Enable compression to improve website performance SetOutputFilter DEFLATE</pre> </div> <a href="https://www.v-norm.com/wp-content/uploads/2023/03/httpd.conf_.png"><img class="alignnone size-full wp-image-500" src="https://www.v-norm.com/wp-content/uploads/2023/03/httpd.conf_.png" alt="" width="1896" height="882" /></a></li> <li>or locate <em>.htaccess</em> file (for wordpress) open .htaccess file and edit it by adding code as below: <div class="hcb_wrap"> <pre># Disable the server signature (hides server version details) ServerSignature Off # Show only minimal information about the server version ServerTokens Prod # Enable compression to improve website performance SetOutputFilter DEFLATE</pre> </div></li> <li><span style="font-size: 16px;">Restart Apache Server </span> Restart Apache via the XAMPP control panel to apply the changes.</li> </ol>
VNorm 