Apache Web Server : Turn Off Server Signature on CentOS 7 / RHEL 7

How to Turn Off Server Signature of Apache Web Server on CentOS 7 / RHEL 7 / SL 7 / OL 7. When we install Apache Web Server on respective Enterprise Linux when attacker is checking for the server signature it reveals the version of Apache Web Servers on respective Enterprise Linux. When the curl command is executed in terminal it shows the complete web server details including package name and version numbers. This tutorial show how to turn off the Server Signature of Apache Web Server.

How to Disable Server Signature of Apache Web Server on EL 7

Step-1 (Install the Apache Web Server)

How to install the Apache Web Server is provided in the given tutorial.

Step-2 (Check for the Server Signature)
[[email protected] ~]# curl --head http://techbrown.com
Sample Output
HTTP/1.1 403 Forbidden
Date: Wed, 29 Jun 2016 16:52:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT
ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
Content-Length: 4897
Content-Type: text/html; charset=UTF-8

The given line shows server signature is enabled on your Apache Web Server

Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
Step-3 (Dealing with Disabling Server Tokens for Apache Web Server)
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf

Add these line to last line of configuration file

ServerTokens Prod
Step-4 (Restart the Apache Web Server)
[[email protected] ~]# systemctl restart httpd
Step-5 (Check for the Server Signature)
[[email protected] ~]# curl --head http://techbrown.com
Sample output
HTTP/1.1 403 Forbidden
Date: Wed, 29 Jun 2016 17:10:25 GMT
Server: Apache
Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT
ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
Content-Length: 4897
Content-Type: text/html; charset=UTF-8

The given line shows the server signature has been successfully disabled from your Apache Web Server.

Server: Apache

Final Words

Congrats now you have disabled the Server Signature from the Apache Web Server on respective enterprise Linux. If you have issues regarding this topic then you should consider to use the comment section below.

Related Post

Develop New SysAdmin Skills with E-books (FREE Download)