// CTF CHALLENGE 23

Server Defender: Hardening

You must audit the configuration files before moving to Production. Enter the exact value or directive requested to secure the server.

[1] security.conf -> Ocultación de Firmas

Currently Apache returns Apache/2.4.41 (Ubuntu) in the HTTP headers. What value should you assign to the ServerTokens directive so it only returns Apache?

[2] apache2.conf -> Listado de Directorios

Inside the <Directory /var/www/html> block, what exact option (including the symbol) must you set to prevent users from seeing an index of files if index.html is missing?

[3] php.ini -> RCE Prevention

What is the name of the directive in PHP that allows creating a comma-separated blacklist of system commands like system or shell_exec so they cannot be executed?

Server Defender: Hardening

🛡️ Generar Reporte OSINT