Hide Apache version

Hi, I have a server on internal with outdated Apache version. Unfortunately it doesn't seem that I can update it without consequences for the server itself. Can I at list use Firebox to hide Apache version from outside world?


  • Options
    edited November 2021

    From the Watchguard make sure you are publishing using Proxy Rule.
    For HTTPS you must ensure that content inspection is enabled.

    Under HTTP Response -> Header Fields, create the headers you want to remove.

    Rule 1:
    Name: Server:*
    Pattern Match: Server:*
    Action: Strip

    Rule 2:
    Name: X-Powered-By:*
    Pattern Match: X-Powered-By:*
    Action: Strip

    This is useful for applications that don't allow you to remove headers natively through the application or web config.

Sign In to comment.