Turning Off Server Signature In Apache
A server signature contains public information about your current web server. You may not want the public to know this information as it contains sensitive information. An attacker may use this information to exploit any know vulnerability.
Here’s how to turn it off if you’re using a Apache 2.2 web server (Ubuntu 14.04).
Open Apache’s config file (apache2.conf or httpd.conf) and look for ServerSignature. When found, change it to:
ServerSignature Off
ServerTokens Prod
If ServerSignature is not located in the Apache config file, then add the above snippet at the end of the file.