How do I Hide Apache Version info?
Open httpd.conf file (located in /etc/httpd/ directory /etc/apache2/ )
Set Apache ServerTokens to product only but don’t show version and other info:
This directive controls whether Server response header field which is sent back to clients includes a description of the generic OS-type of the server as well as information about compiled-in modules.
Setting this to Prod only displays Apache and nothing else.
Set Apache ServerSignature off
The ServerSignature directive allows the configuration of a trailing footer line under server-generated documents.
How do I hide php info?
Open php.ini (located in /etc/php.ini or /etc/php5 or /etc/php4 directory)
Make sure php does not display errors and other php information. Modify add setting as follows:
expose_php = Off display_errors=Off register_globals = Off
Also send all errors to /var/log/php-scripts-error.log and not on screen to end user. It can provide serious information to user.
error_log = /var/log/httpd/php-scripts-error.log
Now all php script errors are written to /var/log/httpd/php-scripts-error.log. Ask your website developers to use following commands to view log files
tail -f /var/log/httpd/php-scripts-error.log vi /var/log/httpd/php-scripts-error.log.
For more info please read Apache 2 docs http://httpd.apache.org/docs/2.2/mod/core.html