转载原始出处:http://linuxlovers.blog.51cto.com/6787002/1398342
1、安装mod_headers.c模块
1
2
3
4
5
6
7
8
9
|
[root@localhost ~]# cd /usr/local/src/httpd-
2.2
.
16
/modules
[root@localhost modules]# ls
aaa database experimental ldap mappers README
arch dav filters loggers metadata ssl
cache debug generators Makefile NWGNUmakefile test
config5.m4 echo http Makefile.
in
proxy
[root@localhost modules]# cd metadata/
[root@localhost metadata]# /usr/local/apache2/bin/apxs -i -a -c -n headers mod_headers.c
//用apxs工具添加模块
|
2、修改Apache配置文件
1
2
3
4
|
[root@localhost htdocs]# vim /usr/local/apache2/conf/httpd.conf
<IFModule mod_headers.c>
Header add MyHeader
"hello"
</IFModule>
|
3、测试
1
2
3
4
5
6
7
|
[root@localhost htdocs]# curl -I
192.168
.
0.104
/
1
.php
HTTP/
1.1
200
OK
Date
: Sat,
19
Apr
2014
02
:
45
:
13
GMT
Server: Apache/
2.2
.
16
(Unix) PHP/
5.3
.
27
X-Powered-By: PHP/
5.3
.
27
MyHeader: hello
//定义的header
Content-Type: text/html
|
当我们部署完LAMP后,测试页面输出时,可以看到http响应头里有如下header:
Server:
Apache/2.2.3 (Red Hat)
X-Powered-By:
PHP/5.1.6
显示了服务器一些敏感信息,这是不安全的,因此我们需要调整
关闭 "X-Powered-By: PHP/5.1.6" 的显示:
修改php.ini
expose_php = Off
简化 "Server:Apache/2.2.3 (Red Hat)" 的输出:
修改httpd.conf
ServerTokens Prod
转载于:https://blog.51cto.com/11759015/1874474