Just an update, I downloaded IDServ and amazingly it told me The server's response did not contain the expected 'Server:' header to identify itself. Therefore, server's identity can not be determined.

I went to check out URLScan and read about it but said it was only for IIS. But read alittle about it and was inreguing.

I checked out slarty's projects page and am reading through the article now. It is a fasinateing read and im only in the first parqagraph. Will read through it but would like to comment on the nice work and effort you put into it, as what I understand you made the site right? Very nicely done.

Well I have been thinking about this and still undesided but you make a good point

I personally don't see the need to try and hide what you are running, normally it takes an attacker all of one request to tell that you lied in the response and worms don't care.
Thanks one again for all of your guidence and help.