如果我們想隱藏apache的版本信息,或者隱藏apache的敏感信息需要我們在編譯之前對以下文件進行修改:(我們以apache的2.2.27版本爲列)
vim /usr/local/tools/httpd-2.2.27/include/ap_release.h
#define AP_SERVER_BASEPRODUCT "Apache" 改成 Microsoft-IIS
下面標紅的是指的apache的版本信息,我們可以做相對應的修改
#define AP_SERVER_MAJORVERSION_NUMBER 2 7
#define AP_SERVER_MINORVERSION_NUMBER 2 0
#define AP_SERVER_PATCHLEVEL_NUMBER 27 0
#define AP_SERVER_DEVBUILD_BOOLEAN 0 0
vim /usr/local/tools/httpd-2.2.27/os/unix/os.h
35 #define PLATFORM "Unix" 改成 Win32
修改完成後再編譯安裝查看就可以了!
安裝好後進行查看:
[root@Public httpd-2.2.27]# curl -I 127.0.0.1
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2017 13:15:52 GMT
Server: Microsoft-IIS/7.0.0 (Win32) DAV/2
Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT
ETag: "8050a-2c-3e9564c23b600"
Accept-Ranges: bytes
Content-Length: 44
Content-Type: text/html
做好後,對apache的安全做寫相對應的優化:
vim /application/apache/conf/extra/httpd-default.conf
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Prod //修改爲Prod 可以修改爲紅色標記的參數。
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature off //將服務簽名關閉
再對apahce主配置文件進行關聯
vim /application/apache/conf/httpd.conf
Include conf/extra/httpd-default.conf //將註釋去掉