Limit announced versions in minipots

HTTP and FTP minipots introduce itself (in headers) as:

Server: Apache/2.4.38 (Debian)

and

220 (vsFTPd 3.0.3)

respectively.

Although it's not so crucial in a honeypot to "hide" simulated version, it is a good practice in real world to limit these information to strip literal version or the version at all.

e.g. in Apache, there is a common configuration option called ServerTokens which is recommended to set as ProductOnly, Major or Minor.

In our minipots, the announced version would obsolete a lot and attackers can also distinguish us based on it.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Admin message

Limit announced versions in minipots