How to set personal settings for .../apache2/sites virtual host config files

I have started to look at trying to tighten up security on my Mountain Lion Server. I have more than one website on the server.

The first logical place to start seemed to be to set the following:

ServerTokens Prod

ServerSignature Off

I tried this in httpd.conf but the above lines were totally ignored.

I then realised (because DocumentRoot had a different path i.e. /Library/WebServer/Documents to what was being actually used namely /Library/Server/Web/Data/Sites) that Mountain Lion Server does its own unique thing for virtual hosts behind the scenes. This led me to find a bunch of configuration files located elsewhere e.g. /Library/Server/Web/Config/apache2/sites/0000_any_80_wp.private.conf.

So I thought I would try by putting the above two lines in one of these files namely
0000_any_80_wp.private.conf.

Sure enough, at first an apache error page did not reveal apache and php details which is what I wanted.

But then, everything broke and I couldn't access any of the websites anymore.

I tried again moving the two lines to 0000_any_80_.conf but this didn't work either.

I then tried creating a separate conf file and added the following line to the end of 0000_any_80_.conf:

Include /Library/Server/Web/Config/apache2/siteincludes/any80.personal.conf

What I saw next astounded me. Mountain Lion Server commented out the above line and put in brackets the following statement:

(commented out because no args)

Then on next reboot of the server my include line was totally removed from the conf file by Mountain Lion Server but everything worked fine again, except, of course apache broadcasting version information about itself, php and ssl on error pages again.

Obviously there is a bit of voodoo going on here.

I would appreciate thoughts on how to do this without upsetting Mountain Lion Server's Server app.

Regards.