In the default configuration of Apache, any error pages will contain the full signature of the server (version number) which could be exploited by hackers. Each version has some deficiencies that could be exploited, and a hacker who knows your version number may benefit from it by focused attacks.
To disable server signature, you will need to edit your /etc/apache2/apache2.conf file.
sudo nano /etc/apache2/apache2.conf
Press Ctrl+w to search for "ServerSignature" and press return. If you find it, edit it to:
If you don't find it, just scroll to the end of the file and add these two lines.ServerSignature Off
Then, we need to reload apache configuration to put this new change in effect:
sudo /etc/init.d/apache2 reload
Check the new configuration by entering an invalid address on your server URL (e.g. www.server.com/invalidpage.html). You should not see the server signature now, just the server name.