Solved

Header Rewriting

Posted on 2004-09-26
3
234 Views
Last Modified: 2010-03-04
I run a test server on windows, basically just to test and build my site before I upload it to a real host.

I am using the apache2triad package (http://apache2triad.sourceforge.net/) It comes with Apache v.2.0

My question is, I have my site setup, ect.. using php-nuke as well as using googletap. I have an .htaccess file bout 30kb in size with various googletap info for modrewrite.

Everything works, but Isnt there a way to rewrite what the Apache reports is the service running
on port 80? I looked up online and found RequestHeader ect.. Not sure if that is what I am looking for, but if it is I have not gotten it to work.

I have ServerSignature set to Off

and I have expose_php set to off.

But If someone scanned me to find out my server type (possibly to use for narrowing down possible exploitation) I want to server to return maybe a null value? Instead of saying hi im Apache..

Anyone can help it would be apriciated.

And yes I have mod rewrite mod loaded and working.
0
Comment
Question by:dllfile
  • 2
3 Comments
 
LVL 15

Expert Comment

by:samri
ID: 12159668
hi dllfile,

Take a look at your ServerSignature directive in your httpd.conf (http://httpd.apache.org/docs-2.0/mod/core.html#serversignature)
---
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of:  On | Off | EMail
#
ServerSignature On

---
And ServerTokens would be another interesteing feature that you may want to take a look at : http://httpd.apache.org/docs-2.0/mod/core.html#servertokens

0
 
LVL 15

Accepted Solution

by:
samri earned 70 total points
ID: 12159751
sorry.  after rereading the question -- just found out that you need to totally make you apache to be "invisible".

IMHO, this would require the source code to be modified, and the server to be rebuilt (recompiled).

I would personally would be interested to learn the "eay-way" to achieve this.

cheers.
0
 

Author Comment

by:dllfile
ID: 12168803
ya, after requesting some info on it from other sites including apache2triad forums, it looks as tho the only option is to actually modify the source code and recompile my own version :(

Looks like I am out of that loop, dont have the knowledge or the tools even to do this myself. Thanks for the help
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now