LAMP Tips! » Apache

Hide Apache Version Number

Geoff W. — Fri, 18 Apr 2008 18:39:27 +0000

Add to httpd.conf

ServerSignature Off
ServerTokens Prod

Geoff W. — Fri, 18 Apr 2008 17:55:00 +0000

Disable the TRACE Method for PCI Compliance

Add this to your httpd.conf

TraceEnable off

Alternatively, if not using 1.3.34 or 2.0.55+, you can add this to your httpd.conf:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]

Geoff W. — Fri, 18 Apr 2008 17:46:28 +0000

Disable SSLv2/TLS1 for PCI Compliance

Add the following to httpd.conf:

SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT56:+HIGH:+MEDIUM:-SSLv2:-RC4:+EXP