Mailinglist Archive: opensuse (2441 mails)

[Anders Johansson <andjoh@xxxxxxxxxx>]

On Wednesday 01 June 2005 03:41, steve nutt wrote:
> Hello:
>
> I am trying to reduce the amount of information given out when someone
> tries to Banner Grab for Version information. I read that "ServerToken"
> directive in httpd.conf file will limit the amount of information given
> out. First off I didn't find the "ServerToken" in the httpd.conf with a
> search. So I added it in the Global Setting section (where I found it on
> RedHat box). Set it to "ServerToken Prod" or "OS" or "Min" no quotation
> marks of course. I found
> "ServerSignature On" changed it to "Off", restarted httpd, and then ran
> "HEAD /
> HTTP/1.0" and it still comes back with

SUSE rule #1: never directly edit the config files unless you absolutely have 
to

In this case, what you should have done is to set

APACHE_SERVERTOKEN="Min"

and

APACHE_SERVERSIGNATURE="off"

in /etc/sysconfig/apache2, and then run SuSEconfig --module apache2

One of the main benefits of suse is the configuration system. Why not use it?