While running a HTTP server such as Apache, there is a few step an administrator have to take in order not to get easily hacked. The very basic one is to hide from the outside which software version and operating system version are running.

1. Introduction:
While keeping software up to date is already a good start to avoid your server being hacked because of known exploit, there is other few actions you can take to minimize the possibilities of being hacked.

A good start is to avoid displaying the software versions you are using.

Let me explain. When somebody request a page to a HTTP server, this one respond with headers such as Content-Type, Content-Length… as well as Server.

People don’t usually see those headers, but if someone wants to hack your box, they might be looking for it. Why? Because known exploits usually work on specific software version.


take a look over at http://www.debuntu.org/2006/07/30/77-how-t...urity-measures/
for the guide.