When Apache cant find the page that you are looking for it says “Not Found” and then it reveals your apache version number and sometimes even the modules that you have enabled. Do you want this?
For me the answer is of course not.. why would you?
In Debian you change these two directives in the file “/etc/apache2/conf-available/security.conf”:
ServerTokens Prod ServerSignature Off
The ServerTokens are:
- Full – Apache/2.4.2 (Unix) PHP/4.2.2 MyMod/1.2
- Prod – Apache
- Major – Apache/2
- Minor – Apache/2.4
- Min – Apache/2.4.2
- OS – Apache/2.4.2 (Unix)
ServerSignature can be either On, Off or Email. Where email displays the mail address of the server admin.