Command line to know the apache version running on a remote server using IP address

Cyber Ninja
Cyber Ninja used Ask the Experts™
on
What command can i run from mac terminal to know the version of Apache that’s running on a remote web server using IP address
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hi,

httpd -v
will give you the version of Apache running the server (if you have SSH/shell access).

If you trying to get server information on a server that you don't own , for security reason this information should not be available.

Author

Commented:
Yes i have remote access; whats the full command to type??
If you have access to the server you can also use a file https://www.php.net/manual/en/function.phpinfo.php

<?php

// Show all information, defaults to INFO_ALL
phpinfo();

// Show just the module information.
// phpinfo(8) yields identical results.
phpinfo(INFO_MODULES);

?>

Open in new window

11/26 Forrester Webinar: Savings for Enterprise

How can your organization benefit from savings just by replacing your legacy backup solutions with Acronis' #CyberProtection? Join Forrester's Joe Branca and Ryan Davis from Acronis live as they explain how you can too.

Author

Commented:
What if I don’t have access to the server and i just want to confirm its been updated to the latest version?
Principal Software Engineer
Commented:
If you don't have access to the server's host then it is unlikely that you can get this information.  Prudent Apache managers disable both mod_info and mod_status, and restrict the informational headers as well.

Author

Commented:
What command can i use to disable the mod_info and mod_status
David FavorFractional CTO
Distinguished Expert 2018
Commented:
Disabling mod_info + mod_status will have no useful effects blocking scans.

The easy way to accomplish what you're after is to use nmap, as in...

imac> sudo nmap -A -T4 -p443 davidfavor.com
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-13 05:22 CST
Nmap scan report for davidfavor.com (144.217.145.114)
Host is up (0.052s latency).
rDNS record for 144.217.145.114: ip114.ip-144-217-145.net

PORT    STATE SERVICE VERSION
443/tcp open  ssl/ssl Apache httpd (SSL-only mode)
|_http-generator: Asciidoctor 2.0.10
|_http-server-header: Apache/2.4.41 (Ubuntu)
|_http-title: David Favor Consulting
| ssl-cert: Subject: commonName=davidfavor.com
| Subject Alternative Name: DNS:*.davidfavor.com, DNS:davidfavor.com
| Not valid before: 2019-10-27T00:02:51
|_Not valid after:  2020-01-25T00:02:51

Open in new window


Using nmap digs deeply into the server code, usually making a good guess at code running code versions running.

You can disable things like Apache headers + then you'll use different nmap scripts, which take longer to run, and also get very close to providing correct version info.

Suggestion: Open another question about your purpose for determining external software versions + the actual domain/host you're probing.

Likely many people can provide good comments about how to determine software version.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial