httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From paul carson <descaling...@gmail.com>
Subject Re: [users@httpd] Re: Apache Vulnerability
Date Sun, 10 Nov 2013 13:39:21 GMT
http://www.if-not-true-then-false.com/2009/howto-hide-and-modify-apache-serv
er-information-serversignature-and-servertokens-and-hide-php-version-x-power
ed-by/

You will find it at the link above


p
From:  John Hudak <jjhudak@gmail.com>
Reply-To:  <users@httpd.apache.org>
Date:  Sat, 9 Nov 2013 00:21:53 -0500
To:  <users@httpd.apache.org>
Subject:  Re: [users@httpd] Re: Apache Vulnerability

Thanks for the tip..now, would you be so kinds as to give a hint at what it
does???

Thanks
J



On Fri, Nov 8, 2013 at 8:58 PM, Good Guy <xfsgpr@hotmail.com> wrote:
> Just put this code at the end of your conf file:
> 
> *ServerSignature Off* *ServerTokens Prod*
> ServerSignature Off
> ServerTokens Prod
> 
> *ServerSignature Off* *ServerTokens Prod*
> *ServerSignature Off* *ServerTokens Prod*
> 
> 
> On 08/11/2013 08:08, pratibha.dhankhar@wipro.com wrote:
>> 
>> Hi,
>> 
>> We have received one apache vulnerability from our security auditors ³*_The
>> remote web server is load-balanced_*.² The solution to which is provided as
>> ³Update the web configuration to hide information disclosure.² .Can you
>> please explain what configuration needs to be done in order to rectify this
>> vulnerability.
>> 
>> 
> 
> -- 
> Good Guy
> Website: http://mytaxsite.co.uk
> Website: http://html-css.co.uk
> Email: http://mytaxsite.co.uk/contact-us <http://mytaxsite.co.uk/contact-us>
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> <mailto:users-unsubscribe@httpd.apache.org>
> For additional commands, e-mail: users-help@httpd.apache.org
> 




Mime
View raw message