Server Signuture turn off need access to php.ini

I want to add the following settings to my server:

ServerSignature Off
ServerTokens Prod

However after research I have to add these settings in my httpd.conf or apache2.conf file. It wont work in m开发者_StackOverflow中文版y php.ini or .htaccess on my public webroot. If I have not got access to these two server files (httpd.conf or apache2.conf) how can I get access or is there an alternative way to get these settings to work. It is a security issue I need to sort out ASAP. Thanks

No, you can't configure Apache (as these are apache settings) via php nor any other language.

You may hide these values from showing on error pages with a little of mod_rewrite that any request to your server or web application gets directed to a php script that outputs whatever error you want.

These values are also shown in the http response headers that apache sends to the browser, so maybe you can overwrite them with php via the header function, using the optional param $bool_replace = true (which is the default value):

header("Server: IIS/6.0", true); // this will fool observers
header("X-Powered-By: Feces-Throwing-Monkey 3.14", true);

edit: Judging from a comment in php's header documentation, this works, and you should also overwrite the X-Powered-By header.