RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Hi Eric, Can you please help me in recompiling the apache to overcome these issues. Regards, Krishna -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Sent: Thursday, March 16, 2017 10:05 PM To: users@httpd.apache.org Cc: knst.koli...@gmail.com Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. On Thu, Mar 16, 2017 at 11:44 AM, Chunduru, Krishnachaithanya wrote: > Is there a way to do it in the httpd-ssl.conf or from httpd.conf ? The name of the configuration file is all but meaningless. If you want to use a feature from some module, load it and configure it. -- Eric Covener cove...@gmail.com - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
On Thu, Mar 16, 2017 at 11:44 AM, Chunduru, Krishnachaithanya wrote: > Is there a way to do it in the httpd-ssl.conf or from httpd.conf ? The name of the configuration file is all but meaningless. If you want to use a feature from some module, load it and configure it. -- Eric Covener cove...@gmail.com - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Hi Eric, Thanks for the suggestion. Is there a way to do it in the httpd-ssl.conf or from httpd.conf ? Regards, Krishna -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Sent: Thursday, March 16, 2017 6:19 PM To: users@httpd.apache.org Cc: knst.koli...@gmail.com Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. On Thu, Mar 16, 2017 at 8:47 AM, Yehuda Katz wrote: > I believe the only way to do that is to recompile HTTPD yourself. mod_security is third-party - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
diff -uNr httpd-2.4.12/include/ap_release.h httpd-2.4.12_new/include/ap_release.h --- httpd-2.4.12/include/ap_release.h 2014-07-15 13:12:30.0 -0400 +++ httpd-2.4.12_new/include/ap_release.h 2014-08-06 16:02:19.651002566 -0400 @@ LINE_NUMBERING_ALL_MESSED_UP_NOT_A_REAL_DIFF @@ * * Example: "Apache/1.1.0 MrWidget/0.1-alpha" */ -#define AP_SERVER_BASEPROJECT "Apache HTTP Server" -#define AP_SERVER_BASEPRODUCT "Apache" +#define AP_SERVER_BASEPROJECT "My Project" +#define AP_SERVER_BASEPRODUCT "My HTTP Server" #define AP_SERVER_MINORVERSION_NUMBER 4 #define AP_SERVER_PATCHLEVEL_NUMBER 23 #define AP_SERVER_DEVBUILD_BOOLEAN0 [ Keep in mind that this change is extremely superficial, and that anyone can see what you have within a narrow version window anyhow with only a trivial fingerprinting effort. Rick Houser Web Administration From: Yehuda Katz [mailto:yeh...@ymkatz.net] Sent: Thursday, March 16, 2017 08:47 To: users@httpd.apache.org Cc: knst.koli...@gmail.com Subject: RE: [users@httpd] Hiding Apache version info on the Aix server for Apache. I believe the only way to do that is to recompile HTTPD yourself. - Y Sent from a device with a very small keyboard and hyperactive autocorrect. On Mar 16, 2017 6:02 AM, "Chunduru, Krishnachaithanya" mailto:krishnachaithanya.chund...@broadridge.com>> wrote: Hi Konstantin/All, I have now resolved the problem of the server name and OS version, but I was asked to remove the Apache name itself from the response headers. Can someone please let me know how can we achieve this on Aix, in linux we can use the mod_security but I don't get anything like that in Aix. Regards, Krishna -Original Message- From: Chunduru, Krishnachaithanya [mailto:krishnachaithanya.chund...@broadridge.com<mailto:krishnachaithanya.chund...@broadridge.com>] Sent: Wednesday, March 15, 2017 6:35 PM To: users@httpd.apache.org<mailto:users@httpd.apache.org> Subject: RE: [users@httpd] Hiding Apache version info on the Aix server for Apache. Hi, Below are the entries I have updated in the httpd.conf and tried restarting the apache, but it didn't started and didn't even gave any errors. $cat /etc/httpd/conf/httpd.conf | grep -i signature ServerSignature Off $ cat /etc/httpd/conf/httpd.conf | grep -i tokens ServerTokens Prod Regards, Krishna -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com<mailto:knst.koli...@gmail.com>] Sent: Wednesday, March 15, 2017 1:24 PM To: users@httpd.apache.org<mailto:users@httpd.apache.org> Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. 2017-03-14 14:56 GMT+03:00 Chunduru, Krishnachaithanya mailto:krishnachaithanya.chund...@broadridge.com>>: > Hi All, > > > > Can anyone please let me know how to hide the apache version and the > OS name running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not > starting until these two parameters are removed from the config file. Thus your edits have an effect. Good. What are the actual lines, and what was the actual error message? Check you spelling. Copy-paste from documentation, if possible. Try to search if other configuration files define those directives. (The files included into main httpd.conf file with "Include" directive). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org<mailto:users-unsubscr...@httpd.apache.org> For additional commands, e-mail: users-h...@httpd.apache.org<mailto:users-h...@httpd.apache.org> This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. B CB[ X ܚX K K[XZ[ \ \ ][ X ܚX P \ X K ܙ B ܈ Y ] [ۘ[[X[ K[XZ[ \ \ Z [ \ X K ܙ B This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
On Thu, Mar 16, 2017 at 8:47 AM, Yehuda Katz wrote: > I believe the only way to do that is to recompile HTTPD yourself. mod_security is third-party - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
I believe the only way to do that is to recompile HTTPD yourself. - Y Sent from a device with a very small keyboard and hyperactive autocorrect. On Mar 16, 2017 6:02 AM, "Chunduru, Krishnachaithanya" < krishnachaithanya.chund...@broadridge.com> wrote: > Hi Konstantin/All, > > I have now resolved the problem of the server name and OS version, but I > was asked to remove the Apache name itself from the response headers. > > Can someone please let me know how can we achieve this on Aix, in linux we > can use the mod_security but I don't get anything like that in Aix. > > Regards, > Krishna > > > -Original Message- > From: Chunduru, Krishnachaithanya [mailto:Krishnachaithanya. > chund...@broadridge.com] > Sent: Wednesday, March 15, 2017 6:35 PM > To: users@httpd.apache.org > Subject: RE: [users@httpd] Hiding Apache version info on the Aix server > for Apache. > > Hi, > > Below are the entries I have updated in the httpd.conf and tried > restarting the apache, but it didn't started and didn't even gave any > errors. > > $cat /etc/httpd/conf/httpd.conf | grep -i signature ServerSignature Off > > $ cat /etc/httpd/conf/httpd.conf | grep -i tokens ServerTokens Prod > > Regards, > Krishna > > > -Original Message- > From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] > Sent: Wednesday, March 15, 2017 1:24 PM > To: users@httpd.apache.org > Subject: Re: [users@httpd] Hiding Apache version info on the Aix server > for Apache. > > 2017-03-14 14:56 GMT+03:00 Chunduru, Krishnachaithanya > : > > Hi All, > > > > > > > > Can anyone please let me know how to hide the apache version and the > > OS name running on Aix server. > > > > > > > > The servertokens or the server signature fields are set to PROD and > > signature off, then I tried restarting the httpd but apache was not > > starting until these two parameters are removed from the config file. > > Thus your edits have an effect. Good. > > What are the actual lines, and what was the actual error message? > > Check you spelling. Copy-paste from documentation, if possible. > > Try to search if other configuration files define those directives. > (The files included into main httpd.conf file with "Include" directive). > > > Best regards, > Konstantin Kolinko > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. > B CB > [ X ܚX K K[XZ[ > \ \ ][ X ܚX P > \ X K ܙ B ܈ Y ] [ۘ[[X[ K[XZ[ > \ \ Z [ > \ X K ܙ B > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. >
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Hi Konstantin/All, I have now resolved the problem of the server name and OS version, but I was asked to remove the Apache name itself from the response headers. Can someone please let me know how can we achieve this on Aix, in linux we can use the mod_security but I don't get anything like that in Aix. Regards, Krishna -Original Message- From: Chunduru, Krishnachaithanya [mailto:krishnachaithanya.chund...@broadridge.com] Sent: Wednesday, March 15, 2017 6:35 PM To: users@httpd.apache.org Subject: RE: [users@httpd] Hiding Apache version info on the Aix server for Apache. Hi, Below are the entries I have updated in the httpd.conf and tried restarting the apache, but it didn't started and didn't even gave any errors. $cat /etc/httpd/conf/httpd.conf | grep -i signature ServerSignature Off $ cat /etc/httpd/conf/httpd.conf | grep -i tokens ServerTokens Prod Regards, Krishna -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Wednesday, March 15, 2017 1:24 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. 2017-03-14 14:56 GMT+03:00 Chunduru, Krishnachaithanya : > Hi All, > > > > Can anyone please let me know how to hide the apache version and the > OS name running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not > starting until these two parameters are removed from the config file. Thus your edits have an effect. Good. What are the actual lines, and what was the actual error message? Check you spelling. Copy-paste from documentation, if possible. Try to search if other configuration files define those directives. (The files included into main httpd.conf file with "Include" directive). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. B CB [ X ܚX KK[XZ[ \ \ ][ X ܚX P \X K ܙ B ܈Y][ۘ[ [X[ K[XZ[ \ \ Z[ \X K ܙ B This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
I’ve tested on CentOS 6.8, Apache 2.2.15 Both *ServerTokens PROD* *ServerSignature Off* Work perfectly and do not affect the starting of the server. Secondly have you actually ever run a configtest? *apachectl configtest* If you copy and paste the the ServerTokens and ServerSignature lines above exactly as I have them they will work. If not then you have messed up something else in your httpd.conf file which is why a configtest is so important. I attach a very basic httpd.conf which you can try, it’s as basic as it gets. Regards Mitchell From: Chunduru, Krishnachaithanya Reply: users@httpd.apache.org Date: 15 March 2017 at 3:05:15 PM To: users@httpd.apache.org Subject: RE: [users@httpd] Hiding Apache version info on the Aix server for Apache. Hi, Below are the entries I have updated in the httpd.conf and tried restarting the apache, but it didn't started and didn't even gave any errors. $cat /etc/httpd/conf/httpd.conf | grep -i signature ServerSignature Off $ cat /etc/httpd/conf/httpd.conf | grep -i tokens ServerTokens Prod Regards, Krishna -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Wednesday, March 15, 2017 1:24 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. 2017-03-14 14:56 GMT+03:00 Chunduru, Krishnachaithanya : > Hi All, > > > > Can anyone please let me know how to hide the apache version and the > OS name running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not > starting until these two parameters are removed from the config file. Thus your edits have an effect. Good. What are the actual lines, and what was the actual error message? Check you spelling. Copy-paste from documentation, if possible. Try to search if other configuration files define those directives. (The files included into main httpd.conf file with "Include" directive). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. B‹CB• È [œÝXœØÜšX™K K[XZ[ ˆ \Ù\œË][œÝXœØÜšX™P ˜\ XÚ K›Ü™ÃB‘›Üˆ Y ] [Û˜[ ÛÛ[X[™ Ë K[XZ[ ˆ \Ù\œËZ [ ˜\ XÚ K›Ü™ÃB httpd.conf Description: Binary data - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Hi, Below are the entries I have updated in the httpd.conf and tried restarting the apache, but it didn't started and didn't even gave any errors. $cat /etc/httpd/conf/httpd.conf | grep -i signature ServerSignature Off $ cat /etc/httpd/conf/httpd.conf | grep -i tokens ServerTokens Prod Regards, Krishna -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Wednesday, March 15, 2017 1:24 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. 2017-03-14 14:56 GMT+03:00 Chunduru, Krishnachaithanya : > Hi All, > > > > Can anyone please let me know how to hide the apache version and the > OS name running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not > starting until these two parameters are removed from the config file. Thus your edits have an effect. Good. What are the actual lines, and what was the actual error message? Check you spelling. Copy-paste from documentation, if possible. Try to search if other configuration files define those directives. (The files included into main httpd.conf file with "Include" directive). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
2017-03-14 14:56 GMT+03:00 Chunduru, Krishnachaithanya : > Hi All, > > > > Can anyone please let me know how to hide the apache version and the OS name > running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not starting > until these two parameters are removed from the config file. Thus your edits have an effect. Good. What are the actual lines, and what was the actual error message? Check you spelling. Copy-paste from documentation, if possible. Try to search if other configuration files define those directives. (The files included into main httpd.conf file with "Include" directive). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Sorry typo …. /etc/apache2/conf-available/security.conf From: Chunduru, Krishnachaithanya Reply: users@httpd.apache.org Date: 14 March 2017 at 1:56:04 PM To: users@httpd.apache.org Subject: [users@httpd] Hiding Apache version info on the Aix server for Apache. Hi All, Can anyone please let me know how to hide the apache version and the OS name running on Aix server. The servertokens or the server signature fields are set to PROD and signature off, then I tried restarting the httpd but apache was not starting until these two parameters are removed from the config file. *Regards,* *Krishna* This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
What happens you run a configtest ??? On your distro it could be either sudo apachectl configtest or sudo apache2ctl configtest Really wish package maintainers would agree on some kind of layout standard of the apache directory structure between distro’s. From: Yehuda Katz Reply: Yehuda Katz Date: 14 March 2017 at 3:58:48 PM To: users@httpd.apache.org Cc: Mitchell Krog Photography Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. HTTPD should be logging somewhere, often /var/log/httpd or /var/log/apache2. See if there is an error there. - Y On Tue, Mar 14, 2017 at 9:35 AM, Chunduru, Krishnachaithanya < krishnachaithanya.chund...@broadridge.com> wrote: > Hi, > > > > No, I was not getting any error. When the script is executed, it is giving > message like “starting Apache” later when we are checking the process is > not running. > > > > I can’t even find the /etc/conf-* dir in our Aix server. > > > > *Regards,* > > *Krishna* > > > > * From:* Yehuda Katz [mailto:yeh...@ymkatz.net] > *Sent:* Tuesday, March 14, 2017 7:02 PM > *To:* users@httpd.apache.org > *Cc:* Mitchell Krog Photography > > *Subject:* Re: [users@httpd] Hiding Apache version info on the Aix server > for Apache. > > > > /etc/conf-available/security.conf is part of the Debian/Ubuntu packaged > layout of HTTPD, not standard. > > > > Do you get an error when you try to start up the server? > > > > - Y > > > > On Tue, Mar 14, 2017 at 9:08 AM, Chunduru, Krishnachaithanya < > krishnachaithanya.chund...@broadridge.com> wrote: > > Hi, > > > > I couldn’t find the file security.conf. > > > > We are having 2.4.x version running. I have only /etc/httpd/ dir, but not > /etc/apache2. Can you please help me if there are any other files to check. > > > > *Regards,* > > *Krishna* > > > > * From:* Mitchell Krog Photography [mailto:mitchellk...@gmail.com] > *Sent:* Tuesday, March 14, 2017 5:54 PM > *To:* Chunduru, Krishnachaithanya; users@httpd.apache.org > *Subject:* Re: [users@httpd] Hiding Apache version info on the Aix server > for Apache. > > > > Sorry typo …. /etc/apache2/conf-available/security.conf > > > > > > > From: Chunduru, Krishnachaithanya broadridge.com> > Reply: users@httpd.apache.org > > Date: 14 March 2017 at 1:56:04 PM > To: users@httpd.apache.org > > Subject: [users@httpd] Hiding Apache version info on the Aix server for > Apache. > > > > Hi All, > > > > Can anyone please let me know how to hide the apache version and the OS > name running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not > starting until these two parameters are removed from the config file. > > > > *Regards,* > > *Krishna* > > > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. > > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. >
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
HTTPD should be logging somewhere, often /var/log/httpd or /var/log/apache2. See if there is an error there. - Y On Tue, Mar 14, 2017 at 9:35 AM, Chunduru, Krishnachaithanya < krishnachaithanya.chund...@broadridge.com> wrote: > Hi, > > > > No, I was not getting any error. When the script is executed, it is giving > message like “starting Apache” later when we are checking the process is > not running. > > > > I can’t even find the /etc/conf-* dir in our Aix server. > > > > *Regards,* > > *Krishna* > > > > *From:* Yehuda Katz [mailto:yeh...@ymkatz.net] > *Sent:* Tuesday, March 14, 2017 7:02 PM > *To:* users@httpd.apache.org > *Cc:* Mitchell Krog Photography > > *Subject:* Re: [users@httpd] Hiding Apache version info on the Aix server > for Apache. > > > > /etc/conf-available/security.conf is part of the Debian/Ubuntu packaged > layout of HTTPD, not standard. > > > > Do you get an error when you try to start up the server? > > > > - Y > > > > On Tue, Mar 14, 2017 at 9:08 AM, Chunduru, Krishnachaithanya < > krishnachaithanya.chund...@broadridge.com> wrote: > > Hi, > > > > I couldn’t find the file security.conf. > > > > We are having 2.4.x version running. I have only /etc/httpd/ dir, but not > /etc/apache2. Can you please help me if there are any other files to check. > > > > *Regards,* > > *Krishna* > > > > *From:* Mitchell Krog Photography [mailto:mitchellk...@gmail.com] > *Sent:* Tuesday, March 14, 2017 5:54 PM > *To:* Chunduru, Krishnachaithanya; users@httpd.apache.org > *Subject:* Re: [users@httpd] Hiding Apache version info on the Aix server > for Apache. > > > > Sorry typo …. /etc/apache2/conf-available/security.conf > > > > > > > From: Chunduru, Krishnachaithanya broadridge.com> > Reply: users@httpd.apache.org > > Date: 14 March 2017 at 1:56:04 PM > To: users@httpd.apache.org > > Subject: [users@httpd] Hiding Apache version info on the Aix server for > Apache. > > > > Hi All, > > > > Can anyone please let me know how to hide the apache version and the OS > name running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not > starting until these two parameters are removed from the config file. > > > > *Regards,* > > *Krishna* > > > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. > > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. >
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Hi, No, I was not getting any error. When the script is executed, it is giving message like “starting Apache” later when we are checking the process is not running. I can’t even find the /etc/conf-* dir in our Aix server. Regards, Krishna From: Yehuda Katz [mailto:yeh...@ymkatz.net] Sent: Tuesday, March 14, 2017 7:02 PM To: users@httpd.apache.org Cc: Mitchell Krog Photography Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. /etc/conf-available/security.conf is part of the Debian/Ubuntu packaged layout of HTTPD, not standard. Do you get an error when you try to start up the server? - Y On Tue, Mar 14, 2017 at 9:08 AM, Chunduru, Krishnachaithanya mailto:krishnachaithanya.chund...@broadridge.com>> wrote: Hi, I couldn’t find the file security.conf. We are having 2.4.x version running. I have only /etc/httpd/ dir, but not /etc/apache2. Can you please help me if there are any other files to check. Regards, Krishna From: Mitchell Krog Photography [mailto:mitchellk...@gmail.com<mailto:mitchellk...@gmail.com>] Sent: Tuesday, March 14, 2017 5:54 PM To: Chunduru, Krishnachaithanya; users@httpd.apache.org<mailto:users@httpd.apache.org> Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. Sorry typo …. /etc/apache2/conf-available/security.conf From: Chunduru, Krishnachaithanya <mailto:krishnachaithanya.chund...@broadridge.com> Reply: users@httpd.apache.org<mailto:users@httpd.apache.org> <mailto:users@httpd.apache.org> Date: 14 March 2017 at 1:56:04 PM To: users@httpd.apache.org<mailto:users@httpd.apache.org> <mailto:users@httpd.apache.org> Subject: [users@httpd] Hiding Apache version info on the Aix server for Apache. Hi All, Can anyone please let me know how to hide the apache version and the OS name running on Aix server. The servertokens or the server signature fields are set to PROD and signature off, then I tried restarting the httpd but apache was not starting until these two parameters are removed from the config file. Regards, Krishna This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
/etc/conf-available/security.conf is part of the Debian/Ubuntu packaged layout of HTTPD, not standard. Do you get an error when you try to start up the server? - Y On Tue, Mar 14, 2017 at 9:08 AM, Chunduru, Krishnachaithanya < krishnachaithanya.chund...@broadridge.com> wrote: > Hi, > > > > I couldn’t find the file security.conf. > > > > We are having 2.4.x version running. I have only /etc/httpd/ dir, but not > /etc/apache2. Can you please help me if there are any other files to check. > > > > *Regards,* > > *Krishna* > > > > *From:* Mitchell Krog Photography [mailto:mitchellk...@gmail.com] > *Sent:* Tuesday, March 14, 2017 5:54 PM > *To:* Chunduru, Krishnachaithanya; users@httpd.apache.org > *Subject:* Re: [users@httpd] Hiding Apache version info on the Aix server > for Apache. > > > > Sorry typo …. /etc/apache2/conf-available/security.conf > > > > > > > From: Chunduru, Krishnachaithanya broadridge.com> > Reply: users@httpd.apache.org > > Date: 14 March 2017 at 1:56:04 PM > To: users@httpd.apache.org > > Subject: [users@httpd] Hiding Apache version info on the Aix server for > Apache. > > > > Hi All, > > > > Can anyone please let me know how to hide the apache version and the OS > name running on Aix server. > > > > The servertokens or the server signature fields are set to PROD and > signature off, then I tried restarting the httpd but apache was not > starting until these two parameters are removed from the config file. > > > > *Regards,* > > *Krishna* > > > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. > If the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by > e-mail and delete the message and any attachments from your system. >
RE: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Hi, I couldn’t find the file security.conf. We are having 2.4.x version running. I have only /etc/httpd/ dir, but not /etc/apache2. Can you please help me if there are any other files to check. Regards, Krishna From: Mitchell Krog Photography [mailto:mitchellk...@gmail.com] Sent: Tuesday, March 14, 2017 5:54 PM To: Chunduru, Krishnachaithanya; users@httpd.apache.org Subject: Re: [users@httpd] Hiding Apache version info on the Aix server for Apache. Sorry typo …. /etc/apache2/conf-available/security.conf From: Chunduru, Krishnachaithanya <mailto:krishnachaithanya.chund...@broadridge.com> Reply: users@httpd.apache.org<mailto:users@httpd.apache.org> <mailto:users@httpd.apache.org> Date: 14 March 2017 at 1:56:04 PM To: users@httpd.apache.org<mailto:users@httpd.apache.org> <mailto:users@httpd.apache.org> Subject: [users@httpd] Hiding Apache version info on the Aix server for Apache. Hi All, Can anyone please let me know how to hide the apache version and the OS name running on Aix server. The servertokens or the server signature fields are set to PROD and signature off, then I tried restarting the httpd but apache was not starting until these two parameters are removed from the config file. Regards, Krishna This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.
Not sure what version of apache you are using but in versions 2.4.x the modification is done in /etc/conf-available/security.conf and not in the http.conf or apache2.conf file. From: Chunduru, Krishnachaithanya Reply: users@httpd.apache.org Date: 14 March 2017 at 1:56:04 PM To: users@httpd.apache.org Subject: [users@httpd] Hiding Apache version info on the Aix server for Apache. Hi All, Can anyone please let me know how to hide the apache version and the OS name running on Aix server. The servertokens or the server signature fields are set to PROD and signature off, then I tried restarting the httpd but apache was not starting until these two parameters are removed from the config file. *Regards,* *Krishna* This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.