Results 1 to 4 of 4

Thread: Apache ServerTokens and ServerSignatures

  1. #1
    Join Date
    Dec 2005
    Location
    Islamabad, Pakistan
    Beans
    573
    Distro
    Ubuntu

    Apache ServerTokens and ServerSignatures

    From apache2.conf:
    Code:
    # Clipped
    
    ServerRoot "/etc/apache2"
    ServerName "localhost"
    
    ServerSignature Off
    ServerTokens    Prod
    
    # Clipped

    Being printed on error pages:
    Code:
    Apache/2.2.11 (Ubuntu) DAV/2 SVN/1.5.4 mod_fastcgi/2.4.6 Phusion_Passenger/2.2.4 mod_ssl/2.2.11 OpenSSL/0.9.8g mod_chroot/0.5 mod_perl/2.0.4 Perl/v5.10.0 Server at redmine.blade.local Port 443
    Its not working as it should. Why could be the reason?

    [EDIT]:
    Modified conf.d/security and commented the overridden settings there.
    Last edited by shoaibi; September 30th, 2009 at 12:17 PM. Reason: Issue Resolved
    - ^root^, Error404NotFound, sleeping`dragon, |404NotFound| on irc.freenode.net
    Blog | Company | @err404notfound

  2. #2
    Join Date
    May 2005
    Location
    Lyon, France
    Beans
    916
    Distro
    Ubuntu Development Release

    Re: Apache ServerTokens and ServerSignatures

    have you reloaded/restarted apache?
    James Dupin
    IT contractor
    Project delivery specialist
    http://fr.linkedin.com/in/jamesdupin

  3. #3
    Join Date
    Oct 2009
    Location
    Swift Current, SK
    Beans
    6
    Distro
    Ubuntu 10.04 Lucid Lynx

    Smile Re: Apache ServerTokens and ServerSignatures

    Quote Originally Posted by shoaibi View Post
    From apache2.conf:
    Code:
    # Clipped
    
    ServerRoot "/etc/apache2"
    ServerName "localhost"
    
    ServerSignature Off
    ServerTokens    Prod
    
    # Clipped

    Being printed on error pages:
    Code:
    Apache/2.2.11 (Ubuntu) DAV/2 SVN/1.5.4 mod_fastcgi/2.4.6 Phusion_Passenger/2.2.4 mod_ssl/2.2.11 OpenSSL/0.9.8g mod_chroot/0.5 mod_perl/2.0.4 Perl/v5.10.0 Server at redmine.blade.local Port 443
    Its not working as it should. Why could be the reason?

    [EDIT]:
    Modified conf.d/security and commented the overridden settings there.
    Thanks, that had me scratching my head for a while!

  4. #4
    Join Date
    Sep 2012
    Location
    ab.ca
    Beans
    149
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Apache ServerTokens and ServerSignatures

    I found my ServerToken in /etc/apache2/conf.d/security (ubuntu precise with apache port)

    Changing/adding values to httpd.conf or apache.conf had no effect here.

    Seems signatures are controlled by the ServerTokens directive since 2.0.2 or so as well.

    Use nmap -A your.ip.address after reloading to ensure your edits are in fact giving you the desired effect.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •