[웹서버] 아파치웹서버 정보 숨기기
telnet tt.co.kr 80
Trying 210.121.176.235…
Connected to tt.co.kr.
Escape character is ‘^]’.
GET / HTTP /1.1
HTTP/1.1 200 OK
Date: Wed, 10 Jan 2001 17:11:49 GMT
Server: Apache/1.3.9 (ALZZA/Linux)
Last-Modified: Thu, 12 Oct 2000 07:01:34 GMT
ETag: “81ba7-21b-39e561ce”
Accept-Ranges: bytes
Content-Length: 539
Connection: close
Content-Type: text/html
위와 같이 80 번 포트로 접속하면 버전 정보를 볼 수 있습니다.
이때 httpd.conf 에 ServerTokens 라는 설정을 하면 됩니다..
보다 세부적인 설명은 아래를 참고하세요…
ServerTokens directive
Syntax: ServerTokens Minimal|ProductOnly|OS|Full
Default: ServerTokens Full
Context: server config
Status: core
Compatibility: ServerTokens is only available in Apache 1.3 and
later; the ProductOnly keyword is only available in versions later
than 1.3.12
This directive controls whether Server response header field which
is sent back to clients includes a description of the generic OS-
type of the server as well as information about compiled-in modules.
예)
ServerTokens Prod[uctOnly]
Server sends (e.g.): Server: Apache
ServerTokens Min[imal]
Server sends (e.g.): Server: Apache/1.3.0
ServerTokens OS
Server sends (e.g.): Server: Apache/1.3.0 (Unix)
ServerTokens Full (or not specified)
Server sends (e.g.): Server: Apache/1.3.0 (Unix) PHP/3.0 MyMod/1.2
This setting applies to the entire server, and cannot be enabled or
disabled on a virtualhost-by-virtualhost basis.