I am trying to fix one venerability on my production web server(Apache), Venerability is “The HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and technologies used by the web server”
For this I have gone for some solutions , some where I found that to solve the above Venerability we need to edit the httpd.conf file on server but I did not find httpd.conf file in my entire system (using windows 10 os) can any one please let me know hot find that file or how to resolve that Venerability on production ?
3
Answers
On Windows, I have seen people run Apache from all kinds of weird and wonderful places.
You need to track down where your Apache instance is running from, normally its running as a service on windows. If you open the properties on the service and look at the Path to executable, it should be something similar to the below.
Or it could be
Unless there is an -f flag, setting the location of the conf. There will be a “conf” folder at the same level as the “bin” folder regardless of the path. This location is set at compile time so unless you have bespoke version off Apache this should be the location.
If you are struggling to find the service or a launcher that is running Apache. You can use WMI with a WQL query to look for processes which are called httpd.exe and get its executable path.
In Xampp Control panel, in apache row, click on "config" button and then you see the term
Apache(httpd.conf)
.You can find httpd.conf in
installed folder ex Apache24
Apache24/conf/httpd.conf