mkdir -p ~/source_codes/apache2 && cd ~/source_codes/apache2 && \
apt-get source apache2
```
--------------------------
**NOTE:** If you get the following error:
```
Reading package lists... Done
E: You must put some 'source' URIs in your sources.list
```
then just 1) uncomment all `deb-src` lines in `/etc/apt/sources.list` file, 2) remove duplicate entries and 3) update databases by issuing the following command sequence:
```
```
sudo sed -i 's/^# deb-src/deb-src/g' /etc/apt/sources.list && \
After which add [source code patch file](https://raw.githubusercontent.com/Fincer/linux-server-setup/master/patches/patch_apache_servertokens.patch) into created `$HOME/source_codes/apache2` folder.
```
--------------------------
After downloading the source add [source code patch file](https://raw.githubusercontent.com/Fincer/linux-server-setup/master/patches/patch_apache_servertokens.patch) into created `$HOME/source_codes/apache2` folder.
**NOTE:** I have personally created the patch file with Unix tool `diff`. The patch file is not downloaded from any suspicious website. You can always check & analyse the patch file code yourself if still hesitating.
**NOTE:** I have personally created the patch file with Unix tool `diff`. The patch file is not downloaded from any suspicious website. You can always check & analyse the patch file code yourself if still hesitating.
If you have a working Apache HTTP daemon (web server) environment on your Linux, please check the version of your Apache software version with the following command before compiling & installing a custom-patched Apache version:
If you have a working Apache HTTP daemon (web server) environment on your Linux, please check the version of your Apache software version with the following command before compiling & installing a custom-patched Apache version:
```
```
newuser@goauldhost:~$ dpkg -s apache2 |grep -i version
Version: 2.4.18-2ubuntu3.5
dpkg -s apache2 |grep -i version
Version: 2.4.18-2ubuntu3.5
```
```
In that way we can be sure version of the downloaded source code matches with our already-installed/existing Apache environment.
In that way we can be sure version of the downloaded source code matches with our already-installed/existing Apache environment.
@ -296,25 +318,25 @@ In that way we can be sure version of the downloaded source code matches with ou
Once you have downloaded the source code, go to the following folder (which contains the code):
Once you have downloaded the source code, go to the following folder (which contains the code):
```
```
newuser@goauldhost:~/source_codes/apache2$ cd apache2-2.4.18/
cd ~/source_codes/apache2/apache2-2.4.18/
```
```
Implement the patch file changes into the Apache source code:
Implement the patch file changes into the Apache source code in your current working directory `~/source_codes/apache2/apache2-2.4.18`:
It is essential to check which apache2 packages have been installed into the target system. We want to install only specific deb packages already found in the system, as multiple deb packages have been compiled by the previous command. All found Apache2 packages in the system should be replaced by the ones compiled from the Apache2 source code.
It is essential to check which apache2 packages have been installed into the target system. We want to install only specific deb packages already found in the system, as multiple deb packages have been compiled by the previous command. All found Apache2 packages in the system should be replaced by the ones compiled from the Apache2 source code.
@ -332,8 +354,8 @@ It is essential to check which apache2 packages have been installed into the tar
System has the following Apache2 packages:
System has the following Apache2 packages:
```
```
newuser@goauldhost:~/source_codes/apache2/apache2-2.4.18$ cd ..
where `APACHE_NEW_VERSION` is the new compiled version of your Apache web server.
If everything has succeeded you should have a working, patched Apache web server in your target system. Because the patches web server software supports `ServerTokens None` option now, we shall add this option into `/etc/apache2/apache2.conf`.
If everything has succeeded you should have a working, patched Apache web server in your target system. Because the patches web server software supports `ServerTokens None` option now, we shall add this option into `/etc/apache2/apache2.conf`.
Add the following lines (// just replace `ServerTokens Prod` with `ServerTokens None`):
Add the following lines (// just replace `ServerTokens Prod` with `ServerTokens None`):
@ -389,7 +418,7 @@ ServerTokens None
Restart Apache2 server (you must apply the patch file before doing this because the default Apache software does not implement `None` for ServerTokens):
Restart Apache2 server (you must apply the patch file before doing this because the default Apache software does not implement `None` for ServerTokens):