Web Server Security - Task failed

Hello team - My task got failed after following the below steps. Could you please check and advise ?

During a recent security audit, the application security team of xFusionCorp Industries found security issues with the Apache web server on Nautilus App Server 2 server in Stratos DC. They have listed several security issues that need to be fixed on this server. Please apply the security settings below:

a. On Nautilus App Server 2 it was identified that the Apache web server is exposing the version number. Ensure this server has the appropriate settings to hide the version number of the Apache web server.

b. There is a website hosted under /var/www/html/beta on App Server 2. It was detected that the directory /beta lists all of its contents while browsing the URL. Disable the directory browser listing in Apache config.

c. Also make sure to restart the Apache service after making the changes.
Steps:

curl -I http://172.16.238.11:8080 --> showed Apache version.
sudo systemctl start httpd
sudo systemctl status httpd

Added below 2 lines end of config file : /etc/httpd/conf/httpd.conf

ServerTokens Prod
ServerSignature Off

Modified httpd.conf config file as below

<Directory “/var/www/html”>
Options -Indexes
AllowOverride None
Require all granted

sudo systemctl restart httpd

checked apache version with command curl -I http://172.16.238.11:8080 and I don’t see the version details. However it says

  • directory listing is not disable on apache server on App Server 2. Could you please check and advise if I miss anything ? Thank you. @Inderpreet @rahul456 @KodeKloud

Hello @jsripad,

Can you please provide us with the lab link?

I think I got my mistake. Thank you.