...
| Note |
|---|
As with any security notes, I will write a disclaimer that there are more advanced ways to secure Apache. You can go as far as compiling your own custom version but that's out of scope for now. |
Edit /etc/apache2/conf.d/security
set ServerTokens Prod - This turns off all the extra header information sent by Apache. Primarily, it would let a client know what version of Apache is being used. The information could be used to look up vulnerabilities on the particular version of Apache you are running.
...