Removing http headers in Apache2

apache header unset
michael picture michael · Dec 16, 2010 · Viewed 17.8k times · Source

On an Apache2.2.9 hosted site, I would like to remove the headers below.

Date Thu, 16 Dec 2010 17:49:45 GMT Server Apache Keep-Alive timeout=15, max=92 Connection Keep-Alive

Let me preempt the discussion on whether or not it it right/legal/nice to remvoe Server and Date: I have read the standard and I still want to do it. The bytes saved are significant (average response size is ~200B).

In my site.conf (last load from apache2.conf) I have tried this with no success:

    Header unset Date
    Header unset Server
    Header unset Connection 
    Header unset Keep-Alive

Other Header unset directives do work (so mod_headers is loaded).

Answer

erloewe picture erloewe · Feb 8, 2011

Have you noticed this bug report? The inability to unset certain headers is a design issue in Apache. The patch attached contains a way to remove the Server header. Looking at it briefly it seems that lobotomizing the rest of the unwanted default included headers can be done at modules/http/http_filters.c, around line 1000...

Related questions

Authorization header missing in PHP POST request

I'm currently trying to read the authorization header in a PHP script that I'm calling with a POST request. The Authorization header is populated with a token. It seems the Authorization header is somehow removed before it arrives at my …

Read More
Proper use of KeepAlive in Apache Htaccess

What is the difference between: Header set Connection keep-alive and KeepAlive on in Apache htaccess? What code and options we have to put in the header of a php file? And what in htaccess file?

Read More
Apache CXF - Set HTTP header

I have to set some http header fields in a Apache CXF client: I tried it via Interceptor: public class HttpHeaderInterceptor extends AbstractPhaseInterceptor<Message> { private String userId; private String xAuthorizeRoles; private String host; public HttpHeaderInterceptor() { super(Phase.POST_…

Read More