On Wednesday 01 June 2005 03:41, steve nutt wrote:
Hello:
I am trying to reduce the amount of information given out when someone tries to Banner Grab for Version information. I read that "ServerToken" directive in httpd.conf file will limit the amount of information given out. First off I didn't find the "ServerToken" in the httpd.conf with a search. So I added it in the Global Setting section (where I found it on RedHat box). Set it to "ServerToken Prod" or "OS" or "Min" no quotation marks of course. I found "ServerSignature On" changed it to "Off", restarted httpd, and then ran "HEAD / HTTP/1.0" and it still comes back with
SUSE rule #1: never directly edit the config files unless you absolutely have to In this case, what you should have done is to set APACHE_SERVERTOKEN="Min" and APACHE_SERVERSIGNATURE="off" in /etc/sysconfig/apache2, and then run SuSEconfig --module apache2 One of the main benefits of suse is the configuration system. Why not use it?