Don Balunos wrote: > > Can anyone help me how to configure Apache web > server to return bogus versions, so that it makes the > cracker job more difficult. > > Apache/1.3.22 (Unix) (Red-Hat/Linux) mod_ssl/2.8.5 > OpenSSL/0.9.6 DAV/1.0.2 PHP/4.0.4pl1 > mod_perl/1.24_01
Hi, You can use the 'ServerTokens' configuration directive to limit the version information apache will return. See - http://httpd.apache.org/docs/mod/core.html#servertokens - for more information. Cheers, Mike.
