Web Server Default Banners

Web server default banners are when web servers like Apache, Nginx, and others are configured to show their server type, version number, and operating system. Hackers can use a simple method to get this information. This information is sent in the headers of the HTTP request and looks like this:

HTTP/1.1 200 OK
Date: Thu, 12 Jun 2014 14:15:01 GMT
Server: Apache/2.2.21 (Win32) PHP/5.4.7
Content-Length:226
Connection: close
Content-Type: text/html; charset=iso-8859-1

Malicious hackers can use this information to launch targeted attacks on your website. Your webserver should have these banners turned off.

Turn off banners on Apache

Changing the following configuration in the httpd.conf file will turn off the version number:

ServerTokens Prod

or

ServerSignature Off

Turn off banners on Nginx

You can limit the information that Nginx presents by creating/editing the following directive in nginx.conf. Find the http section, which defines configurations for the HttpCoreModule. Uncomment (remove the # symbol) or add the following directive:

erver_tokens off;

Turning off the default web banners helps mask the server and version number of your current webserver. This gives malicious hackers less information to work with and keeps you safer.

Talk to a Progress Coordinator to see how they can help secure your site

Jacob Billings
During my career, I have worked in a number of different roles that have helped me understand the overall software development process. These roles include project management, senior developer, Linux administrator, technical sales consultant, and company owner. Working within these roles has given me an in-depth knowledge of best practices in software development.
I offer a strong aptitude for learning new technologies and a proven track record of meeting aggressive goals. My most notable skills include:

Software Development: I bring over 13 years of experience in developing software for multiple clients in various environments. I have a solid knowledge of PHP, Javascript, MySQL, Python, and Java.

Over my career, I have had the opportunity to work on projects for some of the most recognized brands on the planet. Brands like Marriott Hotels, Microsoft, Ashland Chemical, Capital One Credit Cards, Cadbury Schweppes, GE and more. This has given me an in-depth understanding of my client's challenges as they grow. I know how to get a company from startup to maturity with technology. My specialties are in E-commerce(specifically Magento), process automation, and security.