10

On an Apache2.2.9 hosted site, I would like to remove the headers below.

Date Thu, 16 Dec 2010 17:49:45 GMT Server Apache Keep-Alive timeout=15, max=92 Connection Keep-Alive

Let me preempt the discussion on whether or not it it right/legal/nice to remvoe Server and Date: I have read the standard and I still want to do it. The bytes saved are significant (average response size is ~200B).

In my site.conf (last load from apache2.conf) I have tried this with no success:

    Header unset Date
    Header unset Server
    Header unset Connection 
    Header unset Keep-Alive

Other Header unset directives do work (so mod_headers is loaded).

Improve this question

1 Answer 1

Reset to default
7

Have you noticed this bug report? The inability to unset certain headers is a design issue in Apache. The patch attached contains a way to remove the Server header. Looking at it briefly it seems that lobotomizing the rest of the unwanted default included headers can be done at modules/http/http_filters.c, around line 1000...

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Interesting answer .. do you have a patch for that? Around line 1000 it says form_header_field(&h, "Server", server); what would be a patch that allows me just to unset all headers?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.