Hi Igor,
Both methods you mention indicate sw-cp-server 1.0.0, which is understandable.
The problem I have is that when being scanned for PCI Compliance, the scan results in likely false results indicating Apache/2.0.46.
I questioned McAfee Secure about the results, because as you indicate, the installed web server is NOT Apache/2.0.46.
Their response was to tell me how I can see what they are scanning using curl.
So I use curl like this: curl -IvkL
https://host.mydomain.com:8443
When I run this on the Plesk server (which is a vz container), I get the following answer for the Server:
< Server: sw-cp-server/1.0.0
Server: sw-cp-server/1.0.0
I ran the same curl command from 3 other Linux servers, one being the VZ hardware node, I get this response for the Server:
< Server: Apache/2.0.46 (Red Hat) mod_ssl/2.0.46 OpenSSL/0.9.7a
Server: Apache/2.0.46 (Red Hat) mod_ssl/2.0.46 OpenSSL/0.9.7a
So, I can understand how they would assume that Apache/2.0.46 is running.
I will dig into how the curl program is getting this response and where the information is coming from.
Thanks!