Tim’s Weblog Tim's Weblog
Tim Strehle’s links and thoughts on Web apps, managing software development and Digital Asset Management, since 2002.

ServerTokens Prod

The current Apache OpenSSL worm ("Linux Slapper Worm") checks the webserver version by reading the HTTP header before it attacks.

Added "ServerTokens Prod" to httpd.conf - now it says "Server: Apache", was "Server: Apache/1.3.26 (Unix) mod_ssl/2.8.10 OpenSSL/0.9.6" before.

(See the Apache documentation and FAQ.)

Wed, 18 Sep 2002 07:59:09 +0000