Last updated on September 21st, 2021 at 11:05 am
It is essential to remove Apache server header to hide Apache server information and protect your website from malicious attackers. Here’s how to remove server name from Apache response header using htaccess. You can use it to hide the Apache version and server type in Ubuntu, CentOS
How To Remove Server Name From Apache Response Header
Here’s how to remove server name from Apache response header. You can use it to turn off server signature in CPanel also
1. Open Apache Config File
Open terminal and run the following command to open Apache main configuration file.
CentOS/Fedora:
$ sudo vi /etc/httpd/conf/httpd.conf
Ubuntu/Debian:
$ sudo vi /etc/apache2/apache2.conf
Bonus Read : How to Enable GZIP Compression in Apache
2. Turn Off Server Signature
Add/modify the following lines to hide server information in Apache.
ServerSignature Off ServerTokens Prod
ServerSignature – appears at the bottom of server generated pages such as error pages, directory listings, etc. It takes On/Off/EMail values, where EMail shows a “mailto:” reference to Site Admin’s email.
ServerTokens – ServerTokens decides what Apache will send back in response headers. It takes the following values
ServerTokens Full (or not specified) Response to clients: Server: Apache/2.4.2 (Unix) PHP/4.2.2 MyMod/1.2 ServerTokens Prod[uctOnly] Response to clients: Server: Apache ServerTokens Major Response to clients: Server: Apache/2 ServerTokens Minor Response to clients: Server: Apache/2.4 ServerTokens Min[imal] Response to clients: Server: Apache/2.4.2 ServerTokens OS Response to clients: Server: Apache/2.4.2 (Unix)
Bonus Read : How to Install mod_evasive in Apache
If you want to disable server signature in WordPress or turn off server signature in CPanel, then you will have to remove Apache server using .htaccess file, since you may not have access to Apache’s main configuration file.
Open CPanel, locate .htaccess file and edit it. Add the following 2 lines to .htaccess file
ServerSignature Off ServerTokens Prod
Bonus Read : How to Move Apache Web Root to New Location
3. Restart Apache Server
Restart Apache Server to apply changes
$ sudo systemctl restart apache2 #SystemD $ sudo service apache2 restart #SysVInit
That’s it! Now Apache will hide server information such as server type & version in response headers.
That’s it! Now Apache will hide server information such as server type & version in response headers. By the way, if you want to create charts & dashboards to monitor your business or website, you can try Ubiq. We offer a 14-day free trial.
Sreeram Sreenivasan is the Founder of Ubiq. He has helped many Fortune 500 companies in the areas of BI & software development.