How to hide the Apache version and OS information to security scan?
In Ubuntu edit the following file sudo vim /etc/apache2/conf-enabled/security.conf Change ServerTokens OS to ServerTokens Prod then change ServerSignature On to ServerSignature Off Restart the apache2 : sudo service apache2 restart In CentOS and RedHat edit the following file: vim /etc/httpd/conf/httpd.conf Change ServerTokens OS to ServerTokens ProductOnly then change ServerSignature On to ServerSignature Off Restart the apache2