About Server Signature Test

Check if your server's signature is ON. A server signature is the public identity of your web server and contains sensitive information that could be used to exploit any known vulnerability. Turning your server signature OFF is considered a good security practice to avoid disclosure of what software versions you are running.

By default, the Apache webserver sends HTTP headers with some information about your server version, operating system, modules installed, etc. This information can be used by hackers in order to exploit vulnerabilities (specially if you are running an older version). These information can be hidden or changed with very basic configurations.

Open Apache's configuration file (httpd.conf or apache.conf) and search for ServerSignature. If you find it, edit it to:

        ServerSignature Off
        ServerTokens Prod

If you don't find it, just add these two lines at the end of the file.

Note that, after you modify the configuration file, you must restart the Apache server.