On Wednesday, 8 June 2016 at 17:05:42 UTC, Jonathan Marler wrote:
I can picture the article now:
I can't. It is an industry-standard deployment with a commonly
used configuration option - people change that all the time. PHP,
for example, will modify it to output something like this:
Server: Apache/2.4.6 (Unix) PHP/5.4.20
when you use it - they append their brand to the existing string.
The only articles I have ever seen about this is people saying
you should blank it out to make script kiddies have a harder time
figuring out just which version you have installed - people
SUGGEST that you obscure it!
BTW, when I see a live server running a custom httpd, I tend to
have a negative reaction: the sysadmin is lazy and didn't bother
with a proper setup. There's a reason ALL the other major
languages and frameworks use Apache/nginx/IIS on their websites.
It's the recommended way to do it.
There's a difference between an application server and a frontend
web server.
