• 欢迎访问VPS岛网站,国外VPS,国内VPS,国外服务器,国内服务器,服务器主机,测评及优惠码,推荐使用最新版火狐浏览器和Chrome浏览器访问本网站 QQ群

apache 隐藏版本信息隐藏敏感信息

Apache技术 Zach_legend 78次浏览 已收录 0个评论

如果我们想隐藏apache的版本信息,或者隐藏apache的敏感信息需要我们在编译之前对以下文件进行修改:(我们以apache的2.2.27版本为列)


vim /usr/local/tools/httpd-2.2.27/include/ap_release.h
#define AP_SERVER_BASEPRODUCT “Apache”                   改成  Microsoft-IIS

下面标红的是指的apache的版本信息,我们可以做相对应的修改
#define AP_SERVER_MAJORVERSION_NUMBER 2                      7
#define AP_SERVER_MINORVERSION_NUMBER 2                      0
#define AP_SERVER_PATCHLEVEL_NUMBER   27                      0
#define AP_SERVER_DEVBUILD_BOOLEAN    0                       0


vim /usr/local/tools/httpd-2.2.27/os/unix/os.h

 35 #define PLATFORM “Unix                                      改成   Win32


修改完成后再编译安装查看就可以了!


安装好后进行查看:


[root@Public httpd-2.2.27]# curl -I 127.0.0.1
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2017 13:15:52 GMT
Server: Microsoft-IIS/7.0.0 (Win32) DAV/2
Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT
ETag: “8050a-2c-3e9564c23b600”
Accept-Ranges: bytes
Content-Length: 44
Content-Type: text/html


做好后,对apache的安全做写相对应的优化:


vim /application/apache/conf/extra/httpd-default.conf

# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is ‘Full’ which sends information about the OS-Type
# and compiled in modules.
# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Prod     //修改为Prod 可以修改为红色标记的参数。


#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to “EMail” to also include a mailto: link to the ServerAdmin.
# Set to one of:  On | Off | EMail
#
ServerSignature off    //将服务签名关闭


再对apahce主配置文件进行关联

vim /application/apache/conf/httpd.conf

Include conf/extra/httpd-default.conf        //将注释去掉

 


VPS岛 的文章和资源来自互联网,仅作为参考资料,如果有侵犯版权的资源请尽快联系站长,我们会在24h内删除有争议的资源。丨 转载请注明apache 隐藏版本信息隐藏敏感信息
喜欢 (0)
发表我的评论
取消评论

表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址