Is there a plugin for ServerSignature Off vs .htaccess?

  • garyploski

    (@garyploski)


    12 years, 4 months ago

    Good day WP community.

    I’m trying to lock down my WP sites as much as possible and have one final item that the “Ultimate Security Checker” alerted me to that I cannot resolve.

    Server configuration check
    Your server shows too much information about installed software.

    I contacted support at Site5, my host, to ask how to add ServerSignature Off to my install and was advised the following:

    It seems that it is not possible to override the header via mod_headers. The only way to do this is by changing in the apache config and re-compiling.

    They are not going to change the Apache just for me, of course.

    I can note that adding ServerSignature Off to my .htaccess does NOT resolve the issue. It is in a part of the .htaccess file now.

    Has someone written a plugin, perhaps?, or have a suggested alternative to help lock down our WP installs?

    Thanks so much for your suggestions and insight.

Viewing 1 replies (of 1 total)
  • Adrian

    (@adrian2)

    12 years, 4 months ago

    Maybe because you’re on shared hosting like me, a while back I wanted to do the same, but someone said I would need something higher than shared hosting.

    With so much research I realized that this is not really necessary. If your case is Shared Hosting;

    When someone really wants to hurt you or your Blog|Website is the target. In no time they will know the server where your domain is pointing.

    I also learned that the majority of cases, they scan looking for a specific setup information in a Blog|Website. Remember to be a bricklayer, you need a shovel. This means, if they are in business to break into blogging, then they have Hosting Company information long before your or me come to be client of this service.

    On the other hand, the ServerSignature, has the important data that your server runs the latest version (if that is the case). I am constantly checking the version, if we fall behind a bit, then it is time to change hosting service.

    Finally, besides the Apache Server, how many other brands exist on the Internet. With one hand you can not use all his fingers to count.

    Good luck.

Viewing 1 replies (of 1 total)
  • The topic ‘Is there a plugin for ServerSignature Off vs .htaccess?’ is closed to new replies.