the HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and languages used by the web server.
we can remove server name from Apache response header by:
-
Open Apache Config File
go to xampp\apache\conf\ httpd.conf
open and edit the code to hide server information in Apache as below:
ServerSignature Off
ServerTokens Prod
-
or locate .htaccess file (for wordpress)
open .htaccess file and edit it by adding code as below:
ServerSignature Off
ServerTokens Prod
-
Restart Apache Server
Restart Apache Server to apply changes