One of the things which gives a potential attacker some help is them knowing which versions of software you use. This can be very easy to find out, particularly if you have never taken steps to secure this information.<\/p>\n
For example: I would like to know what software apache.org are using\/have used so I look at netcraft (for example) http:\/\/toolbar.netcraft.com\/site_report?url=http:\/\/www.apache.org<\/p>\n
<\/p>\n
192.87.106.226 Linux Apache\/2.2.3 Unix mod_ssl\/2.2.3 OpenSSL\/0.9.7g<\/strong> 12-Apr-2007<\/p>\n I now know that I should look for exploits relating to linux, apache v2.2.3, mod_ssl 2.2.3 and OpenSSL0.9.7g.<\/p>\n By hiding this information you can either report simply \u201cunknown\u201d or just \u201capache\u201d and no other info. This doesn\u2019t directly make your box more secure, what it does do is start to make the task more difficult for a would-be attacker and for such a small amount of effort it really does seem silly not to do it. So how?<\/p>\n The first thing is to set the ServerTokens directive. I am using a RH linux box so if you know your OS differs, find the corresponding location of your httpd.conf:<\/p>\n vi or pico \/etc\/httpd\/conf\/httpd.conf<\/strong><\/p><\/blockquote>\n Find the line(s) containing ServerTokens and ServerSignature<\/p>\n ServerTokens has the following options (I used Prod):<\/p>\n ProductOnly \u00a0\u00a0\u00a0 Server: Apache ServerTokens ProductOnly Close the config file and restart apache (service apache restart OR \/etc\/init.d\/httpd restart<\/strong>)<\/p>\n","protected":false},"excerpt":{"rendered":" One of the things which gives a potential attacker some help is them knowing which versions of software you use. This can be very easy to find out, particularly if you have never taken steps to secure this information.<\/p>\n For example: I would like to know what software apache.org are using\/have used so I look […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/948"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=948"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/948\/revisions"}],"predecessor-version":[{"id":949,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/948\/revisions\/949"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=948"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=948"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=948"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nMajor \u00a0\u00a0\u00a0 Server: Apache\/2
\nMinor \u00a0\u00a0\u00a0 Server: Apache\/2.2
\nMinimal \u00a0\u00a0\u00a0 Server: Apache\/2.2.3
\nOS \u00a0\u00a0\u00a0 Server: Apache\/2.2.3 (RedHat)
\nFull (or not specified) default \u00a0\u00a0\u00a0 Server: Apache\/2.2.34 (RedHat) mod_ssl\/2.2.3 OpenSSL\/0.9.7g
\nThe syntax is as follows:<\/p>\n
\nServerSignature Off<\/strong><\/p><\/blockquote>\n