Security consultants sometime say you should remove the version of apache and php from your response headers. Personally I think the better idea is to have an up to date version in the first place.

simply add this to the httpd.conf

ServerTokens ProductOnly
ServerSignature Off

in php.ini

expose_php = Off