HTTP reply. Too much systems information displayed.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Hi
Recently we had a a security audit, one of the issues stated was that our servers report too much information which hackers can use.
see output from a netcraft site report.
OWNER IP OS WebServer
OWNER 123.123.123.123 Linux Apache
OWNER
123.123.123.123 Linux Apache/2.0.54 Ubuntu PHP/5.0.5-2ubuntu1 mod_ssl/2.0.54 OpenSSL/0.9.7g
OWNER 123.123.123.123 Linux Apache/1.3.34 Debian PHP/5.1.2 mod_gzip/1.3.26.1a mod_ssl/2.8.25 OpenSSL/0.9.8a mod_perl/1.29 DAV/1.0.3
OWNER 123.123.123.123 Linux Apache/1.3.33 Debian GNU/Linux PHP/5.0.4 mod_gzip/1.3.26.1a mod_ssl/2.8.22 OpenSSL/0.9.7d mod_perl/1.29 DAV/1.0.3
OWNER
123.123.123.123 Linux Apache/1.3.31 Debian GNU/Linux mod_gzip/1.3.26.1a mod_ssl/2.8.19 OpenSSL/0.9.7d mod_perl/1.29 DAV/1.0.3
OWNER 123.123.123.123 Linux Apache/1.3.29 Debian GNU/Linux mod_gzip/1.3.26.1a mod_ssl/2.8.16 OpenSSL/0.9.7c mod_perl/1.29 DAV/1.0.3
OWNER 123.123.123.123 Linux Apache/1.3.29 Debian GNU/Linux mod_gzip/1.3.26.1a mod_ssl/2.8.16 OpenSSL/0.9.7c DAV/1.0.3
OWNER 123.123.123.123 Linux Apache/1.3.27 Debian GNU/Linux mod_gzip/1.3.26.1a mod_ssl/2.8.14 OpenSSL/0.9.7b DAV/1.0.3
OWNER 123.123.123.123 Linux Apache/1.3.27 Unix Debian GNU/Linux mod_gzip/1.3.26.1a mod_ssl/2.8.14 OpenSSL/0.9.7b DAV/1.0.3
OWNER 123.123.123.123
Linux Apache/1.3.27 Unix Debian GNU/Linux mod_gzip/1.3.26.1a mod_ssl/2.8.14 OpenSSL/0.9.7a DAV/1.0.3
Does anyone know how to configure apache not to give this information out in its http replies.
Thanks in advance
Darragh
[Index of Archives]
[Open SSH Users]
[Linux ACPI]
[Linux Kernel]
[Linux Laptop]
[Kernel Newbies]
[Security]
[Netfilter]
[Bugtraq]
[Squid]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Samba]
[Video 4 Linux]
[Device Mapper]
