x-powered-by snippets

How to hide X-Powered-By and Server headers

Tagged servertokens, server, x-powered-by, mod_rails, passenger, apache, apache2, headers  Languages apacheconf

First enable the mod_headers module:

sudo a2enmod headers

Then add this to your apache2.conf:

# Hide X-Powered-By and Server headers
Header always unset "X-Powered-By"
ServerTokens Prod
ServerSignature Off

Now restart Apache:

/etc/init.d/apache2 force-reload

This is security through obscurity at it's finest...