Hide the Apache Web Server Version number with ServerSignature and ServerTokens directives

Author: Vivek Gite Last updated: September 15, 2007 4 comments

Q. How do I hide the Apache version number under CentOS Linux 5 server?

A. You can easily hide Apche (httpd) version number and other information. There are two config directives that controls Apache version. The ServerSignature directive adds a line containing the Apache HTTP Server server version and the ServerName to any server-generated documents, such as error messages sent back to clients. ServerSignature is set to on by default. The ServerTokens directive controls whether Server response header field which is sent back to clients includes a description of the generic OS-type of the server as well as information about compiled-in modules. By setting this to Prod you only displays back Apache as server name and no version number displayed back.

Open your httpd.conf file using text editor such as vi:
vi httpd.conf

Append/modify config directive as follows:
ServerSignature Off
ServerTokens Prod

Save and close the file. Restart Apache web server:
# /etc/init.d/httpd restart


🐧 Please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:
Related Tutorials
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
4 comments… add one
  • abu hassan alshamry Oct 20, 2011 @ 20:41

    thanks so much

    best

    Reply Link
  • verma Dec 7, 2012 @ 10:37

    Hi,
    Good article thanks for that . but when I tried some like this
    ServerSignature Off
    ServerTokens Prod

    # /etc/init.d/httpd restart

    It is still showing as
    server:Apache
    before following the above procedure it used to show server version and some other details . I am able to hide , but I want to hide server:Apache also , any help will be great appreciation

    regards
    Verma

    Reply Link
    • shivakumar k Feb 9, 2016 @ 7:13

      Hi Verma,

      Did you got solution for that ? kindly share it to me, am also facing this same issue

      Reply Link
  • roberto May 20, 2013 @ 9:21

    @ Verma, this will only remove apache version name

    Reply Link

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Problem posting comment? Email me @ webmaster@cyberciti.biz

Next FAQ:

Previous FAQ:

🔎 Search this site

FEATURED ARTICLES

Sign up for my newsletter