One thing that should be done for those hosting their own Apache Webservers is to remove any unneeded information from Apache Error responses:
Apache/2.4.48 (Ubuntu) Server at example.com Port 443
In the standard setup for Apache, Apache reveals it’s version number as well as the underlying O/S that it is running on. Why make it so easy for hackers? Make them work to get that information.
Add this to the end of your /etc/apache2/apache2.conf file:
ServerTokens Prod
ServerSignature Off
That’s all there is to it. If you are hosted on somebody else’s Apache, ask, no DEMAND, that they do it.