For a server running Apache web server in a production environment, it is advisable to disable Server Signatures. These signatures displayed on error pages, and in other communications with the web server, may reveal sensitive information about the software versions running on the web server.
To disable server signatures via .htaccess, first locate (or create) the .htaccess file in the www directory. Add the following line to the file:
ServerSignature Off
It can also be done by modifying the httpd.conf file (also called apache2.conf in some systems). In httpd.conf, change these two settings, or add them to the bottom of the file if not present:
ServerSignature Off ServerTokens Prod
Lightning-fast VPS hosting with enterprise SSD storage, global data centers, and 99.99% uptime. Built for developers, trusted by enterprises.
support@solvps.com
1-888-256-8213
Live Chat Now