httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Taco Fleur" <>
Subject RE: [users@httpd] Stop Apache from reporting version number anywhere..
Date Mon, 26 Jan 2004 03:38:14 GMT
> Because hiding your version number doesn't do anything to 
> patch security holes.  You are 100% as vulnerable to whatever 
> vulnerabilities you may have regardless of what version 
> number your server advertises.  It's not going to stop you 
> from being hacked, if that's what you were thinking. 
> An analogy would be placing a post-it note on your front door 
> that says "There is no big-screen TV inside." when any 
> burglar can see plainly in your front window that in fact 
> there is a large big-screen TV sitting right there in the living room.

I didn't think it would patch any security holes.

I don't agree with what you are saying, I believe displaying the webserver
software and version is like giving someone my Bank name, account type and
branch address, all they need to find out is what my PIN is.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message