httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Yves Bonnetain <py.bonnet...@ba-cst.com>
Subject Re: [users@httpd] Removing or overwriting "Server" header field.
Date Wed, 24 Jan 2007 14:52:41 GMT
Hello,

Simon Ashford wrote:
> We recently had a security audit done and one of the
> points noted was that it was possible to identify the
> web server software in use from the "Server" header.
> So I would like to remove or completely overwrite
> this header with something meaningless.

mod_security and SecServerSignature directive.
-- 
Pierre-Yves Bonnetain
B&A Consultants - Sécurité informatique - www.ba-cst.com
Tel. : +33 (0) 567 040 403 - Fax : +33 (0) 567 737 829

Mime
View raw message