Control Web Panel
WebPanel => Apache => Topic started by: r4tulan on November 25, 2015, 06:26:38 PM
-
http://prntscr.com/96vgah
This information could help an attacker determine which attack vectors the attacker are to use when targeting the system, and i dont want that!
-
Hi.
You can't hide it since a web browsers require the info.
You can hide a version numbers in a configs.
-
http://prntscr.com/96vgah
This information could help an attacker determine which attack vectors the attacker are to use when targeting the system, and i dont want that!
1) Login Cwp and go to Apache Settings / Apache Configuration .
2) Add the following two lines at the end of Apache config file in editor :
ServerSignature Off
ServerTokens Prod
3) Login to ssh and restart apache with "service httpd restart"
4) See changes in : http://seositecheckup.com/tools/server-signature-test
-
If you enable Mod Security via your CWP root user control panel, this will also mask the server signature and replace it with a generic CentOS Web Panel server signature like this:
Server: CentOS WebPanel: Protected by Mod Security