Your server signature is on. Turning off your server signature is generally a good idea from a security standpoint. Read more on how to turn off server signature and improve your website’s security.
Server: Flywheel/5.1.0
How to Fix This.
How to pass this test?
By default, the Apache webserver sends HTTP headers with some information about your server version, operating system, modules installed, etc. This information can be used by hackers in order to exploit vulnerabilities (specially if you are running an older version). These information can be hidden or changed with very basic configurations.
Open Apache’s configuration file (httpd.conf or apache.conf) and search for ServerSignature. If you find it, edit it to:
ServerSignature Off
ServerTokens Prod
If you don’t find it, just add these two lines at the end of the file.
Note that, after you modify the configuration file, you must restart the Apache server.
Yash Patel
WordPress Developer