I want to improve security of my Apache webserver.
-
Open:
/etc/apache2/conf.d/security
-
Edit:
ServerTokens Prod ServerSignature Off
-
Reload/Restart:
/etc/init.d/apache2 reload /etc/init.d/apache2 restart
The values Prod and Off should be fine, but I get these errors:
ServerTokens takes one argument, Determine tokens displayed in the Server: header - Min(imal), OS or Full Action 'configtest' failed.
ServerSignature takes one argument, En-/disable server signature (on|off|email) Action 'configtest' failed.
Where do I find Apache's configtest declaration, so I can tell it to accept Prod and Off?
Problem solution:
I had inline comments in my config file, which are not allowed.
So do NOT do this:
ServerTokens Prod # Added this on 10/20/2012
Instead do it this way:
# Added this on 10/20/2012: ServerTokens Prod
However, the error messages confused me, since they only had three options (Min, OS and Full) and were all lower case (on|off|email) while in the config file there were more options and ucfirst.
Best Answer
This looks like you're using a Debian/Ubuntu or similar system. You can run a configtest with
You can't change it's declaration to accept Prod (it already does) and you shouldn't need to.
The Error message is quite clear
ServerTokens takes one argument ...
I can only get this error message if I supply the ServerTokens directive with more than one parameter sofails in the same way that you observe. You need to figure out why your ServerTokens and ServerSignature directives have more than one parameter. This first thing I would try is to load the files into vim and use
:set invlist
which will show any hidden characters in your file.