> I'm getting this from my nessus probe, does know a way I can > remove the version of apache server WITHOUT touching the apache > source code?
Christian, Edit the following sections in your httpd.conf (located in /etc/httpd/conf in many Linux distributions): # # Don't give away too much information about all the subcomponents # we are running. Comment out this line if you don't mind remote sites # finding out what major optional modules you are running ### Flags are at http://httpd.apache.org/docs-2.0/mod/core.html#servertokens ServerTokens Prod # # Optionally add a line containing the server version and virtual host # name to server-generated pages (error documents, FTP directory listings, # mod_status and mod_info output etc., but not CGI generated documents). # Set to "EMail" to also include a mailto: link to the ServerAdmin. # Set to one of: On | Off | EMail # ServerSignature Off --Keith _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
