Archive for the ‘firefox’ tag
Every time a url is requested that does not exist on a webserver an error page is displayed. By default, the page is trailed by the signature of the server. The signature includes information about the webserver version, the operating system, installed modules like PHP, Python, SSL and many more.
As everyone knows, there is no software out there without security problems. Those versions of the installed modules can be used to attack the server. Therefore, it is a good idea to reduce or deactivate the signature.
The apache configuration file apache2.conf contains two settings that allow modifications for this subject. The default settings are displayed here.
ServerSignature = Full ServerTokens = Prod
The following screenshot shows what would be displayed with the setting:
ServerSignature = Prod
The apache documentation provides more information and examples on how to change the signature.
Another way to display the information attached to the server signature is to use the Firefox add-on Live HTTP Headers.