MichaelOldroyd.co.uk

Disabling Apache Server Signature

I have been trying to disable the server signature for a while, but I found that turning off the ServerSignature directive didn’t work for all servers. The signature might read something like:

Apache/2.2.X (Ubuntu) mod_ssl/2.X.X OpenSSL/0.X.X

If your server exposes this information, it’s easier for an attacker to compromise a system based on flaws in a particular server software version (especially if your server software is allowed to become outdated, or your distribution is slow to release security updates). By default, it will display this on error pages in plain text, and also present it as a Server header on every request.

To disable completely, you should set the following directives in your Apache configuration:

ServerSignature Off
ServerTokens Prod

via Nixtechnica

Filter a category from your WordPress Blog

I’m pretty new to working with the internals of WordPress. It seems very easy to settle for installing hundreds of plug-ins to achieve the simplest of tasks. Plug-ins are awkward for me, as they have the tendancy to not quite do what I want them to. I end up messing with them in some way which breaks updates.

Continued

Friday Update #1

My ten visitors may have noticed it was quiet over here for the last week and a half. For the last fortnight, I have been moving home. We began sorting and packing our belongings 3 weeks prior to that, yet we were still moving things out at 10:30 the night before the deadline. Probably because there was so much to clean and fix at the old place. It’s quite amazing how much shit you can stuff into one house. In total it’s taken a full week just to move our stuff and fix the place up. This includes 3 1/2 hours to get a sofa through a door, which was ridiculous. I did feel guilty that Bob – our sole surviving goldfish – was one of the last to move.
Continued