There are numerous ways on how your website can have a security threat. The information in a server signature can also be dangerous to your system. Sites like
can display your information.
Server Signature is an important piece of information about your server and operating system.
For example suppose you are using an Apache server with Ubuntu operating system. The version number of Apache Server and Operating System information will be displayed in the server signature.
These signatures displayed on error pages, and in other communications with the web server, may reveal sensitive information about the software versions running on the web server.
You need to disable your server signature if you want to protect yourself from imminent threats when you reveal your signature. In this tutorial, you will learn how you can disable server signature by editing the Apache/.htaccess file.
First you need to find the config file of Apache. The location of the file is different for different operating systems. Before you edit Htaccess/Apache config files, it is advisable to create a backup of configuration file. So that you can go back to previous state if something went wrong.
In CentOS/Fedora you can find the config by hitting the following command in the terminal
$ sudo vi
Similarly, the config file for Ubuntu/Debian can be found by the following command
sudo vi /etc/apache2/apache2.conf
Now, that you have located your config file, you need to add the following lines of code to your Apache Config file to turn off the server signature
appears on the bottom of pages generated by apache such as 404 pages, directory listings, etc.
directive is used to determine what Apache will put in the Server HTTP response header.
To turn off Server signature on a WordPress site, you need to access the
file. This file is located in the root directory of WordPress inside the
file and Right click on it to
it. You can also use a FTP client application to access your website root directory and edit the
You need to add some lines of code to your .htaccess file in order to turn off the server signature.
Disable server signature
You can also disable Server Signature using a WordPress plugin called
WP htaccess Control
This plugin can directly disable server signature. It is a free plugin and is useful for beginners who are new to WordPress. The plugin method is not recommended to edit the