How to Hide Apache, Nginx, or PHP version on Ubuntu

How to Hide Apache, Nginx, or PHP version on Ubuntu
How to Hide Apache, Nginx, or PHP version on Ubuntu

For an attacker, it is very easy to discover valuable information such as the web server version, server operating system, and PHP version.

it is recommended that you disable or hide this information from attackers who might be targeting your server by requiring you to know whether you are running PHP or not, Apache or Nginx.

In this tutorial post, we are going to show you how to hide this sensitive information (Hide Apache, Nginx, or PHP version) on the Ubuntu Server Operating system.


Step1. Let's check Header Details of any Website.

You can use wget or curl command to fetch header details of any website via command line.

curl -IL https://some-server-ip-OR-domain-name/
curl -IL https://vetechno.in/

OR

wget --server-response --spider http://example.com/
When you run the above command you will get the below output. As you can see it clearly visible web server version, php version and other sensitive information.

root@vetechno:~# curl -IL https://vetechno.in

HTTP/1.1 301 Moved Permanently
Server: nginx/1.16.1
Date: Wed, 12 May 2021 07:05:13 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.vetechno.in/

HTTP/2 200
date: Wed, 12 May 2021 07:05:15 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.2.17
cache-control: must-revalidate, no-cache, private
link: <https://www.vetechno.in/>; rel="shortlink", <https://www.vetechno.in/>; rel="canonical"
link: <https://www.vetechno.in/home>; rel="revision"
link: <//d3tj4hjkds11o5e.cloudfront.net>; rel=preconnect; crossorigin
link: <//d3tj4hjkds11o5e.cloudfront.net>; rel=dns-prefetch
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Mon, 10 Nov 2010 05:23:00 GMT
x-generator: Drupal 8 (https://www.drupal.org)
x-dns-prefetch-control: on
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

Step2. Disable / hide Apache Web Server Details.

To hide the version of web server, open your Apache web server configuration file using your favorite editor:

$ sudo vi /etc/apache2/apache2.conf        #Ubuntu/Debian systems
$ sudo vi /etc/httpd/conf/httpd.conf         #CentOS/RHEL systems
And add the below command. Then save and exit from conf file.

ServerTokens Prod
ServerSignature Off

Step3. Restart the web server.


$ sudo systemctl restart apache2               #Ubuntu/Debian systems
OR
$ sudo service apache2 restart     
$ service httpd restart                                 #CentOS/RHEL systems

Step4. Hide PHP Version

By default in the PHP configuration allows the HTTP response header 'X-Powered-By' to display/show the PHP version on the Server.

Find below php.ini configuration file

* Ubuntu/Debian/Linuxmint – /etc/php/7.4/cli/php.ini

* CentOS/Fedora/Redhat – /etc/php.ini

Before you making any changes to php.ini configuration file, I suggest you to first make a backup of your php.ini config file

---------------- On Debian/Ubuntu  veTechno---------------- 
$ sudo cp /etc/php/7.4/cli/php.ini  /etc/php/7.4/cli/php.ini.bkp 

---------------- On CentOS/RHEL/Fedora veTechno ---------------- 
$ sudo cp /etc/php.ini /etc/php.ini.bkp

Step5. Now open the file with your favorite text editor with super user privileges.


$ sudo vi /etc/php/7.4/cli/php.ini              #Ubuntu/Debian Systems
$ sudo vi /etc/php.ini                                #CentOS/RHEL Systems
Search the keyword expose_php and set its value to Off:

expose_php = off

Step6. Save the file and exit. Then restart the Apache web server as given below.


$ sudo systemctl restart apache2            #Ubuntu/Debian Systems
$ sudo systemctl restart httpd                 #CentOS/RHEL Systems

Step7. Verify the Settings

Now verify the necessary changes in your server and compare the output with earlier results by following commands. 

curl -IL https://some-server-ip-OR-domain-name/
curl -IL https://vetechno.in/

OR

wget --server-response --spider http://example.com/
 
Find the below final results.



root@vetechno:~# curl -IL https://vetechno.in

HTTP/1.1 200 OK
Date: Wed, 12 May 2021 11:21:45 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2019 11:20:58 GMT
ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
Content-Length: 4897
Content-Type: text/html; charset=UTF-8

Conclusion

Congratulation you have successfully  Hide Apache, Nginx, or PHP version on Ubuntu/CentOS. Please let me know in the comment box you are facing any issue while configuring the settings.

Comments

Post a Comment

Popular posts from this blog

Failed to establish the VPN connection. This may be caused by a mismatch in the TLS version.

Image
Failed to establish the VPN connection. This may be caused by a mismatch in the TLS version.  Hey readers, In this post  we will share you how to fix " Failed to establish the VPN connection. This may be caused by a mismatch in the TLS version. Please check the TLS version settings in the Advanced of the Internet options:- (5029) " error that comes in windows 10 or windows 7 while connecting to VPN. This error generally happens because of the TLS mismatch in the windows machine or client machine. Read Also:-  How to Download and install Windows 11 on Virtual Box | VMware | Laptop Download, install and activate Microsoft Office 2019 for FREE legally How to Download Windows 11 ISO file [Direct Google Drive link] 2021   How to Fix Forticlient TLS 'error 5029': failed to establish the VPN connection ? Step1. Go to Internet Explorer. Step2. Now search for setting and  then select internet option/properties. OR Open run box and type "inetcpl.cpl" Step3. Select...
Read more

To make SSL VPN connection work, please turn off IE security configuration | vetechno

Image
turn off internet explorer enhanced security configuration server 2019   Hello reader, if you are installing and configuring SSL Forticlient VPN on Windows Server 2019, you might got a warning message saying that " To make SSL VPN connection work, please turn off IE security configuration " on Windows server 2019. In this blog, we will fix the warning message and configure the SSL Forticlient VPN on Windows Server 2019. Failed to establish the VPN connection. This may be caused by a mismatch in the TLS version. How do you turn off Internet Explorer Enhanced Security Configuration is enabled? If Internet Explorer Enhanced Security Configuration (IE ESC) is turned on, you will receive an error message to disable this setting before you can log on Application. To avoid this problem, follow the below simple steps. To turn off Internet Explorer Enhanced Security Configuration: Step 1. Enter Server Manager in Windows search to start Server manager application. Step 2. Select Lo...
Read more

How to download and install GlobalProtect VPN on Ubuntu 20.04 LTS | vetechno

Image
How to download and install GlobalProtect VPN on Ubuntu 20.04 LTS | vetechno Hello reader's Today I am going to tell you how to download and install Palo Alto GlobalProtect app for Linux/Ubuntu . Many users are not able to find the direct link to download the global protect vpn for ubuntu 20.04 LTS. In this blog post, I am sharing my google drive link where i have uploaded the .tgz file were you can directly download the GlobalProtect tgz file. The size of file is approx 82.7 MB.  Also Read How to install Forticlient VPN on Ubuntu 22.04 LTS Jammy Jellyfish How do I install FortiClient VPN on Ubuntu 20.04 LTS  How to install and setup Nord VPN on Ubuntu 20.04 LTS  How to install Cisco Anyconnect VPN on Ubuntu 18.04 and Ubuntu 20.04 LTS Prerequisite * Root / Sudo Access * Linux Operating System Download GlobalProtect VPN for Linux  Click here How to install GlobalProtect VPN on Ubuntu / CentOS and Red Hat Step.1 Download GlobalProtect VPN client from the above give...
Read more