[Nessus] Web Server HTTP Header Information Disclosure
Enviado: 17 Fev 2016 20:55
Description
The HTTP headers provided by the remote web server provide information
that could aid an attacker such as the server version and languages used by the web server.
Solution
Modify the HTTP headers of the web server to not disclose detailed
information about the underlying web server.
Resolução do problema base CentOS / Red Hat Linux rodando servidor Apache
Para descobrir qual conf esta sendo utilizado
Editar e deixar como:
The HTTP headers provided by the remote web server provide information
that could aid an attacker such as the server version and languages used by the web server.
Solution
Modify the HTTP headers of the web server to not disclose detailed
information about the underlying web server.
Resolução do problema base CentOS / Red Hat Linux rodando servidor Apache
Código: Selecionar todos
/usr/sbin/httpd -VEditar
Código: Selecionar todos
/etc/httpd/conf/httpd.confCódigo: Selecionar todos
ServerTokens Prod
ServerSignature OffCódigo: Selecionar todos
/etc/init.d/httpd reload
/etc/init.d/httpd restart