Search code examples
apache

How do I find the version of Apache running without access to the command line?

I need to either find a file in which the version is encoded or a way of polling it across the web so it reveals its version. The server is running at a host who will not provide me command line access, although I can browse the install location via FTP.

I have tried HEAD and do not get a version number reported.

If I try a missing page to get a 404 it is intercepted, and a stock page is returned which has no server information on it. I guess that points to the server being hardened.

Still no closer...

I put a PHP file up as suggested, but I can't browse to it and can't quite figure out the URL path that would load it. In any case I am getting plenty of access denied messages and the same stock 404 page. I am taking some comfort from knowing that the server is quite robustly protected.

Solution

  • The method

    Connect to port 80 on the host and send it

    HEAD / HTTP/1.0

    This needs to be followed by carriage-return + line-feed twice

    You'll get back something like this

    HTTP/1.1 200 OK
Date: Fri, 03 Oct 2008 12:39:43 GMT
Server: Apache/2.2.9 (Ubuntu) DAV/2 SVN/1.5.0 PHP/5.2.6-1ubuntu4 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Thu, 02 Aug 2007 20:50:09 GMT
ETag: "438118-197-436bd96872240"
Accept-Ranges: bytes
Content-Length: 407
Connection: close
Content-Type: text/html; charset=UTF-8

    You can then extract the apache version from the Server: header

    Typical tools you can use

    You could use the HEAD utility which comes with a full install of Perl's LWP library, e.g.

    HEAD http://your.webserver.com/

    Or, use the curl utility, e.g.

     curl --head http://your.webserver.com/

    You could also use a browser extension which lets you view server headers, such as Live HTTP Headers or Firebug for Firefox, or Fiddler for IE

    Stuck with Windows?

    Finally. if you're on Windows, and have nothing else at your disposal, open a command prompt (Start Menu->Run, type "cmd" and press return), and then type this

    telnet your.webserver.com 80

    Then type (carefully, your characters won't be echoed back)

    HEAD / HTTP/1.0

    Press return twice and you'll see the server headers.

    Other methods

    As mentioned by cfeduke and Veynom, the server may be set to return limited information in the Server: header. Try and upload a PHP script to your host with this in it

    <?php phpinfo() ?>

    Request the page with a web browser and you should see the Apache version reported there.

    You could also try and use PHPShell to have a poke around, try a command like

    /usr/sbin/apache2 -V