mod_sesehe free download, mod_sesehe download on software download

	mod_sesehe mod_sesehe is an Apache module that disguises and removes the 'Server: ' HTTP header from responses.
Download

mod_sesehe Ranking & Summary

Rating:

License:
The Apache License 2.0

Price:
FREE

Publisher Name:
Francois Pesce

Publisher web site:
http://jok.is-a-geek.net/ftwin.php

mod_sesehe Tags

mod_sesehe Description

mod_sesehe is an Apache module that disguises and removes the 'Server: ' HTTP header from responses. mod_sesehe is an Apache module that disguises and removes the "Server: " HTTP header from responses.Although sending the Server header in HTTP responses is not defined as a MUST in RFC 2616, the Apache HTTP Server does not allow you to disable sending this header via it's configuration. You can reduce it to "Apache" by removing the version, or the additional modules with the ServerTokens directive. Despite what some people are saying, even mod_headers can't suppress it.Excerpt from RFC:"14.38 ServerThe Server response-header field contains information about the software used by the origin server to handle the request. The field can contain multiple product tokens (section 3.8) and comments identifying the server and any significant subproducts. The product tokens are listed in order of their significance for identifying the application.If the response is being forwarded through a proxy, the proxy application MUST NOT modify the Server response-header. Instead, it SHOULD include a Via field (as described in section 14.45).Note: Revealing the specific software version of the server might allow the server machine to become more vulnerable to attacks against software that is known to contain security holes. Server implementors are encouraged to make this field a configurable option." In Apache httpd, the ServerTokens directive currently can at best be set to Prod, which will cause apache to return "Apache" as Server header. Some problem still occurs: First, the level of security by obscurity of this directive is not acceptable by some people that just want to change it to some other value, without re-compiling Apache, or people that even want to simply drop the "Server: " header. Secondly, if apache is configured as a reverse proxy, and a malformed request is received, then it will display its own server token instead of the backend one, so we need to handle error response header.I developed this tiny module by hijacking normal behavior of (reverse) proxy feature of Apache : i.e. even if a request is not a proxy request, I tag it as if it was, to make Apache core let me do what I want with this header. Compilation and InstallationTo build this module, you can proceed with a standard apxs line like this:${APACHE_DIR}/bin/apxs -c -a -n sesehe ./mod_sesehe.cThen, to install the compiled module, still use apxs:${APACHE_DIR}/bin/apxs -i -a -n sesehe ./mod_sesehe.la

mod_sesehe Related Software