Re: Re: Apache Vulnerability (Apache Users)

Re: Re: Apache Vulnerability

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: <users@xxxxxxxxxxxxxxxx>

Subject: Re: Re: Apache Vulnerability

From: paul carson <descaling.pc@xxxxxxxxx>

Date: Sun, 10 Nov 2013 14:39:21 +0100

In-reply-to: <CAPFCoitLo1WsFFjEO3HHw98DFZ+hsRjuLEDDCTsO_NV3O-417w@mail.gmail.com>

Reply-to: users@xxxxxxxxxxxxxxxx

Thread-topic: Re: Apache Vulnerability

User-agent: Microsoft-MacOutlook/14.12.0.110505

http://www.if-not-true-then-false.com/2009/howto-hide-and-modify-apache-server-information-serversignature-and-servertokens-and-hide-php-version-x-powered-by/

You will find it at the link above

From: John Hudak <jjhudak@xxxxxxxxx>
Reply-To: <users@xxxxxxxxxxxxxxxx>
Date: Sat, 9 Nov 2013 00:21:53 -0500
To: <users@xxxxxxxxxxxxxxxx>
Subject: Re: Re: Apache Vulnerability

Thanks for the tip..now, would you be so kinds as to give a hint at what it does???

Thanks

On Fri, Nov 8, 2013 at 8:58 PM, Good Guy <xfsgpr@xxxxxxxxxxx> wrote:

Just put this code at the end of your conf file:

*ServerSignature Off* *ServerTokens Prod*
ServerSignature Off
ServerTokens Prod

*ServerSignature Off* *ServerTokens Prod*
*ServerSignature Off* *ServerTokens Prod*

On 08/11/2013 08:08, pratibha.dhankhar@xxxxxxxxx wrote:

Hi,

We have received one apache vulnerability from our security auditors “*_The remote web server is load-balanced_*.” The solution to which is provided as “Update the web configuration to hide information disclosure.” .Can you please explain what configuration needs to be done in order to rectify this vulnerability.

--
Good Guy
Website: http://mytaxsite.co.uk
Website: http://html-css.co.uk
Email: http://mytaxsite.co.uk/contact-us

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx