I'm trying to do something I thought was simple. I just want to change the Server header that Apache sends for every request. This is the line in my httpd.conf file:
Header always set Server "My Server name"
However, this is what is returned in the Server header:
Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g
Incidentally, that's what software I'm using (how convenient). I do have mod_headers enabled and it is working for other directives in my configuration files.
EDIT: I'm running this on Ubuntu Server 8.04 LTS x64.
Why doesn't this work?
That's because it's an Apache policy not to lie about the Server header and to always set it. The best you can do is to have it only display "Apache" with :
As it's said in the FAQ and a bug report, the only way you can have Apache send "My Server Name" is to modify the sources.
Note also that you won't gain anything by having your server not saying you're using Apache, security through obscurity is, well, not really security. If you're trying to hide your operating system or your php or ssl versions, in case a bug arise, it's not really useful either because people tend to try getting into every server they encounter.
Below just hides the information OS version and Apache server version.
To completely obfuscate server information add use mod_headers module
following at the end of httpd.conf (after all other config)
There is actually a fix to remove the word "Apache":
then add this to the end of
/etc/apache2/apache.conf:and restart Apache: