I cannot remove the "Server" header from the response headers. I am using Amazon EC2. I have added this in Apache config:
ServerSignature Off
Header unset Server
RequestHeader unset Server
It does not do anything. I can still see the server header saying "Ap开发者_JAVA百科ache (Amazon)" in the response headers. Any clue?
You can remove the "Server: Apache/2.2.22 (Unix) ..." line in the header as follows:
Download the Apache httpd tarball and unpack it in the usual way.
Change include/ap_release.h from:
#define AP_SERVER_BASEVENDOR "Apache Software Foundation"
#define AP_SERVER_BASEPROJECT "Apache HTTP Server"
#define AP_SERVER_BASEPRODUCT "Apache"
to
#define AP_SERVER_BASEVENDOR "-"
#define AP_SERVER_BASEPROJECT "-"
#define AP_SERVER_BASEPRODUCT "-"
Then recompile with your usual configure / make / make install procedure.
Finally, in your httpd.conf file, include the line:
ServerTokens Prod
Restart your server and the Apache header line will simply become "Server: -" .
It seems that Apache dev team think this is work as design. Anyway they provide a patch https://issues.apache.org/bugzilla/show_bug.cgi?id=40026
精彩评论