# ServerToken does not hide apache version



## flaviano (Jun 13, 2012)

Hi!

I set up one Freebsd FreeBSD 9 with Apache using ports, the ServerTokens directive is set to Prod. But apacheÂ´s response is:

```
HTTP/1.1 200 OK
Date: Wed, 13 Jun 2012 12:00:56 GMT
[I][B]Server: Apache/2.2.21 (FreeBSD)[/B][/I]
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1093
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
```
httpd.conf

```
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Prod
```
Does anyone know what happen*s* and/or what I can do to fix it?


----------



## SirDice (Jun 13, 2012)

*ServerTokens* is set in /usr/local/etc/apache22/extra/httpd-default.conf. This file isn't enabled by default in /usr/local/etc/apache22/httpd.conf:

```
# Various default settings
#Include etc/apache22/extra/httpd-default.conf
```


----------



## flaviano (Jun 13, 2012)

Oh.

Sorry my fault. 
I checked the line and now works.

Thank you.


----------

