How to Change Apache Server Name to Anything in Server Headers

In one of our several articles relating to Apache server security and hardening tips, we explained how to hide Apache version number and other sensitive information.

We discussed how to keep away valuable information such as the web server version number, server operating system details, installed Apache modules and so much more, from being sent along in server-generated documents back to the client (possibly attackers).

In this article, we will show you yet another useful Apache security tip – changing HTTP web server name to anything else in server header.

What do we actually mean here? Take a look at the screen shot below, it shows a listing of directories in our web server document root, beneath that, you can see the server signature (web server name, version, operating system, ip address and port).

Apache Directory Listing
Apache Directory Listing

Most times, hackers use known vulnerabilities in web server software to attack your websites or web apps, therefore changing the name of your web server makes it difficult for them to know the type of server running on your system. The point is to change the name “Apache” to something else.

This can be achieved by installing Apache mod_security module.

-------- On Debian/Ubuntu -------- 
$ sudo apt install libapache2-mod-security2
$ sudo a2enmod security2

-------- On CentOS/RHEL and Fedora --------
# yum install mod_security
# dnf install mod_security

Then open the Apache configuration file.

$ sudo vi /etc/apache2/apache2.conf	#Debian/Ubuntu 
# vi /etc/httpd/conf/httpd.conf	        #RHEL/CentOS/Fedora

Now change or add these lines below (make sure to change TecMint_Web to any other thing you want to appear to clients).

ServerTokens Full
SecServerSignature “Tecmint_Web”

Finally restart the web server.

$ sudo systemctl restart apache2   #Debian/Ubuntu 
# systemctl restart httpd          #RHEL/CentOS/Fedora

Now verify the page again using curl command or accessing from the browser to see the web server name has changed from Apache to Tecmint_Web.

$ curl -I -L http://domain-or-ipaddress
Apache Listing of Directory
Apache Listing of Directory

Thats It! Do check out following articles related to Apache web server.

  1. Protect Apache Against Brute Force or DDoS Attacks Using Mod_Security
  2. How to Find MySQL, PHP and Apache Configuration Files
  3. How to Change Default Apache ‘DocumentRoot’ Directory in Linux
  4. How to Check Which Apache Modules are Enabled/Loaded in Linux
  5. 13 Apache Web Server Security and Hardening Tips

In this article, we showed how to change HTTP web server name to anything else in server header in Linux. Use the feedback form below to add you thoughts about this topic.

Tutorial Feedback...
Was this article helpful? If you don't find this article helpful or found some outdated info, issue or a typo, do post your valuable feedback or suggestions in the comments to help improve this article...

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

6 thoughts on “How to Change Apache Server Name to Anything in Server Headers”

  1. Can we rename the Apache Installation directory?

    Example:

    /opt/my_apache_new TO /opt/my_apache
    

    After renaming i am getting below error:

    ./apachectl -V
    ./apachectl: line 79:  4425 Segmentation fault      (core dumped) $HTTPD "[email protected]"
    
    Reply
  2. I can’t restart Apache, says:

    "Job for apache2.service failed because the control process exited with error code.
    See "systemctl status apache2.service" and "journalctl -xe" for details." 
    

    But I’ve changed the apache.conf how it is before do it and now works… help please. And this is a good article (but it don’t works for me ;-D )

    Reply
  3. Hi,

    Is there any way that I can change the server name through .htaccess file? Please let me know. Thanks.

    Reply

Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.