rhoekman
Verified User
A lot of scriptkiddies have tools to scan the internet for vulnerable servers. One way to slow them down is to minimize the information sent back when they are probing.
Hiding version numbers from the outside world.
Apache:
Apache will give a lot of information back:
tester# telnet www.directadmin.com 80
Trying 66.51.122.131...
Connected to directadmin.com.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Sat, 10 Jan 2004 07:36:56 GMT
Server: Apache/1.3.29 (Unix) mod_ssl/2.8.16 OpenSSL/0.9.6b PHP/4.3.4 mod_perl/1.27 FrontPage/5.0.2.2623
Last-Modified: Mon, 16 Jun 2003 01:28:03 GMT
ETag: "78002-2b22-3eed1d23"
Accept-Ranges: bytes
Content-Length: 11042
Connection: close
Content-Type: text/html
Connection closed by foreign host.
tester#
To reduce the information, search for ServerSignature in httpd.conf.
Turn ServerSignature to Off and add a line with ServerTokens Prod like this:
ServerSignature Off
ServerTokens Prod
It's simple but very effective. It will only show Server: Apache
After this you have to restart httpd to make it effective.
Rick
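A small check you can run against your own server after the restart, to confirm the directives took effect. This is an added example, not code from the post or from DirectAdmin: it sends the same HEAD / HTTP/1.0 request the post types into telnet, extracts the Server header and lists every product/version token it still advertises. The two embedded sample responses are constructed from the header quoted above (before) and from what the post says ServerTokens Prod returns (after); the host name on the command line is whatever server you administer.

```python
"""Check whether an HTTP server's Server header still advertises versions.

Added example for this thread (not the original poster's code). It sends a
plain HTTP/1.0 HEAD request over a raw socket, like the telnet session in the
post, and reports which product/version tokens the Server header reveals.
Run it against your own server after changing ServerTokens and
ServerSignature to confirm the httpd restart took effect.
"""
from __future__ import annotations

import re
import socket
import sys

# Constructed sample: the verbose response quoted in the post (ServerTokens Full).
SAMPLE_FULL = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Sat, 10 Jan 2004 07:36:56 GMT\r\n"
    b"Server: Apache/1.3.29 (Unix) mod_ssl/2.8.16 OpenSSL/0.9.6b "
    b"PHP/4.3.4 mod_perl/1.27 FrontPage/5.0.2.2623\r\n"
    b"Content-Type: text/html\r\n\r\n"
)
# Constructed sample: what the same server answers with ServerTokens Prod.
SAMPLE_PROD = b"HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Type: text/html\r\n\r\n"

# A product token followed by a slash and a version starting with a digit.
VERSION_TOKEN = re.compile(r"([A-Za-z_][\w.-]*)/(\d[\w.-]*)")


def server_header(raw: bytes) -> str | None:
    """Return the value of the Server header from a raw HTTP response, if any."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    for line in head.split(b"\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"server":
            return value.strip().decode("latin-1", "replace")
    return None


def version_tokens(server: str | None) -> list[tuple[str, str]]:
    """Return every product/version pair the header advertises, e.g. ('PHP', '4.3.4')."""
    if not server:
        return []
    return VERSION_TOKEN.findall(server)


def leaks_version(raw: bytes) -> bool:
    """True when the response's Server header names at least one version number."""
    return bool(version_tokens(server_header(raw)))


def fetch_head(host: str, port: int = 80, timeout: float = 5.0) -> bytes:
    """Send the same HEAD request the post types into telnet and return the reply."""
    request = f"HEAD / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        chunks = []
        while chunk := sock.recv(4096):
            chunks.append(chunk)
    return b"".join(chunks)


def report(raw: bytes) -> str:
    """Human-readable verdict for one raw response."""
    header = server_header(raw)
    if header is None:
        return "no Server header at all"
    tokens = version_tokens(header)
    if not tokens:
        return f"Server: {header!r} -> no version disclosed (ServerTokens Prod or equivalent)"
    listed = ", ".join(f"{name} {ver}" for name, ver in tokens)
    return f"Server: {header!r} -> discloses {len(tokens)} version(s): {listed}"


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Check a live host you administer, e.g. python3 check_server_header.py localhost
        print(report(fetch_head(sys.argv[1])))
    else:
        # Offline demonstration on the two constructed samples.
        print("before:", report(SAMPLE_FULL))
        print("after: ", report(SAMPLE_PROD))
```

Without arguments the script only evaluates the two embedded samples; with a host name it talks to port 80 of that host. Note that ServerTokens Prod still returns "Apache" as the product name, so the check treats a header as clean when it carries no slash-and-digit version token, not when it is empty.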