Disable Apache Server Signature via .htaccess (Linux Server)

For a server running Apache web server in a production environment, it is advisable to disable Server Signatures. These signatures displayed on error pages, and in other communications with the web server, may reveal sensitive information about the software versions running on the web server.

To disable server signatures via .htaccess, first locate (or create) the .htaccess file in the www directory. Add the following line to the file:

ServerSignature Off

It can also be done by modifying the httpd.conf file (also called apache2.conf in some systems). In httpd.conf, change these two settings, or add them to the bottom of the file if not present:

ServerSignature Off
ServerTokens Prod


This entry was posted in Guides & How To's, Linux VPS, Security, VPS Hosting and tagged , , , . Bookmark the permalink. Trackbacks are closed, but you can post a comment.

Questions? We're here to help.