Applies: – (all web servers might respond with something ‘useful’ here, depends from configurations) Required apache module: – Scope: – Type: informational, remote
Description: anyone can (if interested) find out (if not properly hidden) what software is running on a remote web server. Useful: for testing. If you will implement my next tip (how to hide this information) then you might want to test this to see it is working properly. Also this is used by various companies like Netcraft to gather the required information for their statistics.
This can be achieved in many ways, but the simplest one in my opinion is to use a basic telnet connection on port 80 to the remote server and issue a regular request like ”HEAD / HTTP/1.0” (I will use HEAD because we don’t care about the content):
telnet myserver.com 80
Connected to myserver.com.
Escape character is '^]'.
HEAD / HTTP/1.0 <- after this press 2 times ENTER
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2006 08:18:06 GMT
Server: Apache/2.0.55 (Debian) PHP/5.1.2-1+b1 mod_ssl/2.0.55 OpenSSL/0.9.8b
Content-Type: text/html; charset=UTF-8
Connection closed by foreign host.
So as you can see, it is so simple to find out that this server is using: Debian as OS (from the other versions we can assume it is Etch version), Apache 2.0.55 as web server, PHP 5.1.2, and OpenSSL 0.9.8b… Hmm, that is too easy for remote users to find out so many information about our system, right? Well in this case you might want to check my next Apache Tip that will show you how to hide this information.