skip to Main Content

I am trying to fix one venerability on my production web server(Apache), Venerability is “The HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and technologies used by the web server”
For this I have gone for some solutions , some where I found that to solve the above Venerability we need to edit the httpd.conf file on server but I did not find httpd.conf file in my entire system (using windows 10 os) can any one please let me know hot find that file or how to resolve that Venerability on production ?

3

Answers


  1. On Windows, I have seen people run Apache from all kinds of weird and wonderful places.

    You need to track down where your Apache instance is running from, normally its running as a service on windows. If you open the properties on the service and look at the Path to executable, it should be something similar to the below.

    "C:Program FilesApache24binhttpd.exe" -k runservice
    

    Or it could be

    "D:Some ApplicationVersionWEBtoolSOFTSHTTPDbinhttpd.exe" -k runservice
    

    Unless there is an -f flag, setting the location of the conf. There will be a “conf” folder at the same level as the “bin” folder regardless of the path. This location is set at compile time so unless you have bespoke version off Apache this should be the location.

    If you are struggling to find the service or a launcher that is running Apache. You can use WMI with a WQL query to look for processes which are called httpd.exe and get its executable path.

    wmic process WHERE name="httpd.exe" GET ExecutablePath  
    
    Login or Signup to reply.
  2. In Xampp Control panel, in apache row, click on "config" button and then you see the term Apache(httpd.conf).

    Login or Signup to reply.
  3. You can find httpd.conf in

    installed folder ex Apache24

    Apache24/conf/httpd.conf

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search