The flipside to this is, if you're running a version of
PHP/Apache which is not known to have exploitable bugs (usually the latest stable version at the time), and an attacker sees this, they may give up before even trying. If they don't, they may continue to attempt their exploit(s).
It really depends on the type of attacker. The educated, security advisory reading attacker vs. script kiddie on the street.
If you're keeping up on patches, version exposition should not be a problem for you.
