Turn Off Server Signature for Better Server Security

By 18-05-2012   Domain HostingSecuritySEO
Tweet Share Email Share  

Do you turn off server signature for better site security? Just like you turned off the visibility of your WordPress version, why do you want hackers to know about your server signature which clearly displays your private server details like your Apache version.

Server Signature

It is very easy for anyone to view your Apache versions and other installed critical software on your server, and if you don’t upgrade your server software like Apache to the latest versions, and fail to fix security issues which these upgrades fix, then you don’t want anyone online to be aware about your server details. Any simple online tool will show HTTP site headers of any site. This is a sample site I checked.

server signature on

Advertisements

As you can see it is very easy to see all the server details, and hackers can get a good idea about servers which haven’t been upgraded to the latest software versions, which means to say that your server is not adequately patched with security fixes and is prone to hacking.

Turn off server signature

So if you want to quickly check if your site hosting server is revealing your server signature to the world, simply use this site to check server signature  and you can find out if your server signature is off. It is a good idea to turn off your server signature for better site security.

check server signature

How do you turn off server signature? Well we got our amazing hosting service provider Knownhost to fix the issue. Our hosting service fixed the issue after we sent them an support request quickly. Probably if you are an expert in managing servers (like many amazing QOT readers!), you can fix it yourself.

They informed me that they added the following values in the Apache configuration file to switch off the Server Signature.
ServerSignature Off
ServerTokens ProductOnly

If you login to WHM  > Service Configuration > Apache Configuration

server signature options

Now with the server signature off, see how your HTTP site headers will look like.if

server signature off

I just browsed the server details of several top websites, surprisingly which are running on very old software versions! So what are you waiting for, if  went ahead to hide WordPress version, then you should go ahead and switch off server signature right now for better server security and site safety.

5 comments on “Turn Off Server Signature for Better Server Security

  1. Web says:

    How to disable server signature using .htaccess or by editing Apache?

  2. Bucki says:

    @ Web

    # disable the server signature
    ServerSignature Off

  3. chili says:

    it do not work in my htaccess

  4. This is such a great resource that you are providing and you give it away for free. It gives in depth information. Thanks for this valuable information.

  5. thanks for the information it has on you give, it is useful information for many people

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php