By default apache shows on each directory listing, error or non existing page etc. apache version, OS Version and some apache modules in the bottom of your site.

Attackers can use this information to their advantage when performing an attack.
I describe a little bit how to secure apache2, to prevent the showing of apache version and server strings.

1

vim /etc/apache2/conf.d/security

Configuration should be:

2
3
4

ServerTokens Prod
ServerSignature Off
TraceEnable Off

Restart apache:

1

/etc/init.d/apache2 restart