[웹서버] 아파치웹서버 정보 숨기기

telnet tt.co.kr 80

Trying 210.121.176.235…

Connected to tt.co.kr.

Escape character is ‘^]’.

GET / HTTP /1.1

HTTP/1.1 200 OK

Date: Wed, 10 Jan 2001 17:11:49 GMT

Server: Apache/1.3.9 (ALZZA/Linux)

Last-Modified: Thu, 12 Oct 2000 07:01:34 GMT

ETag: “81ba7-21b-39e561ce”

Accept-Ranges: bytes

Content-Length: 539

Connection: close

Content-Type: text/html

위와 같이 80 번 포트로 접속하면 버전 정보를 볼 수 있습니다.

이때 httpd.conf 에 ServerTokens 라는 설정을 하면 됩니다..

보다 세부적인 설명은 아래를 참고하세요…

ServerTokens directive

Syntax: ServerTokens Minimal|ProductOnly|OS|Full

Default: ServerTokens Full

Context: server config

Status: core

Compatibility: ServerTokens is only available in Apache 1.3 and

later; the ProductOnly keyword is only available in versions later

than 1.3.12

This directive controls whether Server response header field which

is sent back to clients includes a description of the generic OS-

type of the server as well as information about compiled-in modules.

예)

ServerTokens Prod[uctOnly]

Server sends (e.g.): Server: Apache

ServerTokens Min[imal]

Server sends (e.g.): Server: Apache/1.3.0

ServerTokens OS

Server sends (e.g.): Server: Apache/1.3.0 (Unix)

ServerTokens Full (or not specified)

Server sends (e.g.): Server: Apache/1.3.0 (Unix) PHP/3.0 MyMod/1.2

This setting applies to the entire server, and cannot be enabled or

disabled on a virtualhost-by-virtualhost basis.