七.屏蔽apache版本信息 1.在apache主配置文件httpd.conf中,找到包含httpd-default.conf的行,并解开注释 #Include conf/extra/httpd-default.conf 2.尽管配置文件 1.[ /]# grep Server conf/extra/httpd-default.conf|grep -v "#" ServerTokens full ServerSignature Off修改为 ServerTokens ProdServerSignature Off经过上面的修改,当你在curl-I的时候,还是会出现下面的信息[ apache]# curl -I www.test.com HTTP/1.1 200 OKDate: Tue, 21 Oct 2014 04:32:53 GMTServer: Apache/2.2.29 (Unix) DAV/2 PHP/5.3.29X-Powered-By: PHP/5.3.29X-Pingback: http://www.test.com/xmlrpc.phpVary: Accept-EncodingContent-Type: text/html; charset=UTF-8=====================================================[ apache]# curl -I www.test.com HTTP/1.1 200 OKDate: Tue, 21 Oct 2014 04:36:17 GMTServer: ApacheX-Powered-By: PHP/5.3.29X-Pingback: http://www.test.com/xmlrpc.phpVary: Accept-EncodingContent-Type: text/html; charset=UTF-8
来源: