Hide the Apache Web Server Version number


There are two config directives that controls Apache version.

The ServerSignature directive adds a line containing the Apache HTTP Server server version and the ServerName to any server-generated documents, such as error messages sent back to clients.

The ServerTokens directive controls whether Server response header field which is sent back to clients includes a description of the generic OS-type of the server as well as information about compiled-in modules.

Add the following to .htaccess

ServerSignature Off
ServerTokens Prod

WordPress: Which privileges are needed by MySQL Database User

The famous 5 minutes installation for WordPress state that:

Create a database for WordPress on your web server, as well as a MySQL user who has all privileges for accessing and modifying it

Most installation instruction for WordPress on the web state that you can GRANT ALL PRIVILEGES to that user.

Q. What are the least required access rights or privileges that I should grant to this user for WordPress to function properly?

A. You can grant the following permissions to a MySQL user :

  • ALTER
  • CREATE
  • CREATE TEMPORARY TABLES
  • DELETE
  • DROP
  • INDEX
  • INSERT
  • LOCK TABLES
  • SELECT
  • UPDATE