From 7436dc681530151299d1ef31011752b92144174b Mon Sep 17 00:00:00 2001 From: Pekka Helenius Date: Mon, 3 Sep 2018 03:22:09 +0300 Subject: [PATCH] H4: Update title --- exercises/h4.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exercises/h4.md b/exercises/h4.md index f0c786c..dbbf723 100644 --- a/exercises/h4.md +++ b/exercises/h4.md @@ -13,7 +13,7 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018) - [EXTRA: Deleting Server field from HTTP header by updating Apache source code on Debian-based Linux distributions](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#extra-deleting-server-field-from-http-header-by-updating-apache-source-code-on-debian-based-linux-distributions) - - [EXTRA: Disable userdir module for user nobody to avoid server detection](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#extra-disable-userdir-module-for-user-nobody-to-avoid-server-detection) + - [EXTRA: Disable userdir module for user nobody to reduce server detection](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#extra-disable-userdir-module-for-user-nobody-to-reduce-server-detection) - [b) **Default website** Set user default website to be the default website for Apache in your virtual server environment.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#b-set-user-default-website-to-be-the-default-website-for-apache-in-your-virtual-server-environment) 
@@ -417,7 +417,7 @@ Header unset ETag More about HTTP header syntax in [Wikipedia](https://en.wikipedia.org/wiki/List_of_HTTP_header_fields). More articles in [ETag](https://en.wikipedia.org/wiki/HTTP_ETag), [Vary: Accept-Encoding](https://blog.stackpath.com/accept-encoding-vary-important), etc. -### EXTRA: Disable userdir module for user nobody to avoid server detection +### EXTRA: Disable userdir module for user nobody to reduce server detection It is recommended to set `UserDir disabled nobody` in `/etc/apache2/mods-enabled/userdir.conf` file as Metasploit offensive scanning method `scanner/http/dir_scanner` can detect existence of URL/folder path `/~nobody`. Minimize attack vector, and just disable the userdir module for user `nobody` on the server as follows:
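Review bot: in the first hunk the renamed TOC entry still points at an absolute URL to the master branch copy of the file (`https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#extra-disable-userdir-module-for-user-nobody-to-reduce-server-detection`), so anyone reading this commit's version, a fork, or a local checkout is sent to master instead of the heading in the file in front of them; a relative fragment link such as `[EXTRA: Disable userdir module for user nobody to reduce server detection](#extra-disable-userdir-module-for-user-nobody-to-reduce-server-detection)` would keep the link in step with the heading rename. The new fragment does match the slug GitHub generates for the renamed heading, so the link resolves as written.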
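Review bot: in the second hunk the heading now correctly says "reduce" rather than "avoid", but the body text below it still reads "just disable the userdir module for user `nobody`", while the directive it introduces, `UserDir disabled nobody`, only switches off per-user directory mapping for that one account; mod_userdir itself stays loaded and active for every other user. Suggest aligning the body with the new heading, e.g. "disable the userdir mapping for user `nobody`", and noting that this only removes the `/~nobody` path that `scanner/http/dir_scanner` probes for, since the server remains identifiable by other means such as the Server header discussed in the preceding EXTRA section.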