Home > Backend Development > PHP Tutorial > How to hide the Apache version in PHP+Apache environment to avoid being attacked

How to hide the Apache version in PHP+Apache environment to avoid being attacked

php中世界最好的语言
Release: 2023-03-18 07:28:01
Original
1684 people have browsed it

We know that many attacks on servers are targeted attacks based on software versions, so if you install is Apache, it is very necessary to hide its version number, which can also reduce hidden dangers. a method.


How to hide? The method to hide the Apache version number is actually very simple. Just set ServerTokensProd and ServerSignatureOff in httpd.conf.

By default, the system will display all Apache version modules (http returns header information).

If the directory is listed, the domain name information (file list text) will be displayed, such as:

[root@localhost tmp]# curl -I 192.168.80.128:88 HTTP/1.1 403 Forbidden Date: Wed, 21 Jul 2010 13:09:33 GMT Server: Apache/2.2.15 (CentOS) Accept-Ranges: bytes Content-Length: 5043 Connection: close Content- Type: text/html; charset=UTF-8

When you open a file that does not exist or is restricted, the version number of the apache you are using will be displayed at the bottom of the page.

Change the configuration file of apache, find the ServerTokens and ServerSignature directives, modify the default properties; find the httpd.conf file in your apache installation directory and open it, then Operate as follows:

#The default value of ServerTokensFull is FullServerTokensProd

#The default value of ServerSignatureOn is OnServerSignatureOff

Finally, just restart apache. Of course, if you do not find these two values You can add it yourself at the end of the file (confirm that it does not exist before adding it yourself).


# I believe you have mastered the methods after reading these cases. For more exciting information, please pay attention to other related articles on the php Chinese website!

Related reading:

A brief analysis of PHP programs to prevent ddos, dns, clusterSolutions to server attacks_PHP tutorial

PHP program prevents ddos, dns, clustersServer attacks

PHP product flash sale timing implementation (solve large traffic solution)

The above is the detailed content of How to hide the Apache version in PHP+Apache environment to avoid being attacked. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template