Add in "ServerSignature Off" to the httpd.conf file to remove that footer message from error pages..
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor: Securing Apache
Author: Preventing Web Attacks with Apache

On 1/30/06, kiran k <> wrote:
Thanks, I should have paid more attention on error string duh..
I was able to monitor server script, for deny I get forbidden page with (
Apache/2.0.55 (Unix) Server at Port 80), I would like to avoid this, is there any thing else other than deny:redirect so that it just shows it blocked no more info about apache version.

Alon Agmon <> wrote:
Hi ,
Mod_proxy should be used as:
    ProxyPass / /
    ProxyPassReverse / /
Note the last slash.

From: [mailto:] On Behalf Of kiran k
Sent: Monday, January 30, 2006 7:02 AM
Subject: [mod-security-users] as reverse proxy
I set it up exactly as described in the article. Basic test went fine, ie when I access http: (which is proxy), it went to
When I try access server scripts (ie I get proxy error, like below. What is missing ? Why DNS lookup for ipaddr ?
The proxy server received an i nvalid response from an upstream server.
The proxy server could not handle the request GET /cgi-bin/
Reason: DNS lookup failure for:
    ServerName localhost
    ProxyRequests Off
    ProxyPass /
    ProxyPassReverse /
    SecFilterEngine DynamicOnly
    SecFilterCheckURLEncoding On
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around

Do you Yahoo!?
With a free 1 GB, there's more in store with Yahoo! Mail.

Yahoo! Autos. Looking for a sweet ride? Get pricing, reviews, & more on new and used cars.