We present to you a few feature as well as security enhancements to mask your webserver and site from web attacks!
- Do not use a default extension even though you use a language like php or aspx. If you can make it go away in entirety - the better! And do use Clean URLs Search engines love Clean URLs
- Modify your header information so that it returns something not so obvious. Take a look at mod_headers module
- Do not use CGI or SSI (Server Side Includes) - both of them are heavy on the server and vulnerable to attacks
- If you have a popular site, you might want to consider using something like Modsecurity which is a web application firewall which allows real time monitoring and analysis
- Get a book - Apache Security is a good start