Oct 30, 2012

Hide Your Apache Version in Ubuntu

I was making changes to an Apache web server in my environment that runs on Ubuntu Linux. That server also hosts phpMyAdmin, and I wanted to restrict access to it by IP address. Once I did that, I tested it by trying to browse to it and got the following forbidden error:


So what's the problem with that? The error page tells a potential attacker not only that you are running Apache version 2.2.17, but also that you are running it on Ubuntu. An attacker can then do a little research on vulnerabilities for your specific version and know just what to do to break in. Let's not show them this information, shall we?

To hide the version information, open /etc/apache2/conf.d/security with your favorite text editor and change

    ServerTokens OS

to

    ServerTokens Prod

and

    ServerSignature On

to

    ServerSignature Off

Save the file and restart Apache by running sudo service apache2 restart. Now your error message will look like this:


Much better isn't it?
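As an added example (not code from the original post), here is a small shell script that applies the two directives above to a config file and classifies what a Server header value still reveals. The function names are my own; the script assumes GNU sed (for sed -i) and takes the config path as an argument, so it can be tried against a copy of /etc/apache2/conf.d/security before touching the real file.

```shell
#!/bin/sh
# Added example, not code from the original post. It applies the two settings the
# post describes (ServerTokens Prod, ServerSignature Off) to a config file given
# as an argument and classifies a Server header value by how much it discloses.
# Assumptions: POSIX sh with GNU sed (for sed -i); the Ubuntu path from the post
# is /etc/apache2/conf.d/security, but any file path can be passed.

# Set ServerTokens and ServerSignature to the hardened values in the given file.
# An existing uncommented directive is rewritten in place; a missing one is appended.
# Directive names are matched in the exact case used by the Ubuntu default file.
harden_apache_tokens() {
    conf="$1"
    for pair in "ServerTokens Prod" "ServerSignature Off"; do
        directive="${pair% *}"        # the word before the space
        if grep -q "^[[:space:]]*${directive}[[:space:]]" "$conf"; then
            sed -i "s/^[[:space:]]*${directive}[[:space:]].*/${pair}/" "$conf"
        else
            printf '%s\n' "$pair" >> "$conf"
        fi
    done
}

# Classify what a Server header value gives away, from most to least revealing:
#   os      -> version plus distribution, e.g. "Apache/2.2.17 (Ubuntu)" (ServerTokens OS or Full)
#   version -> version only, e.g. "Apache/2.2.17" (ServerTokens Min, Minor or Major)
#   none    -> just "Apache" (ServerTokens Prod, the value the post recommends)
classify_server_header() {
    case "$1" in
        Apache)                  echo none ;;
        Apache/[0-9]*" ("*")"*)  echo os ;;
        Apache/[0-9]*)           echo version ;;
        *)                       echo unknown ;;
    esac
}

# Demo on a constructed copy of the Ubuntu security snippet (sample file, not a real server).
demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
# constructed sample of /etc/apache2/conf.d/security
#ServerTokens Minimal
ServerTokens OS
ServerSignature On
TraceEnable Off
EOF
    echo "before:"; cat "$tmp"
    harden_apache_tokens "$tmp"
    echo "after:";  cat "$tmp"
    rm -f "$tmp"
    for hdr in "Apache/2.2.17 (Ubuntu)" "Apache/2.2.17" "Apache"; do
        printf '%-26s -> %s\n' "$hdr" "$(classify_server_header "$hdr")"
    done
}

if [ "${1:-}" = "demo" ]; then
    demo
fi
```

Run it as `sh hide_version.sh demo` to see the rewrite on the constructed sample. With ServerTokens Prod the Server header shrinks to just "Apache"; the version is hidden, not patched, so this change complements keeping the apache2 package updated rather than replacing it.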




