If you're doing this for PCI compliance, you might bug your hosting company to upgrade to latest stable releases on things, or find a new hosting company.. and you might look into dedicated server or vm hosting so you can have more control.
Additionally... the ServerSignatures directive can be place inside a VH, if you have any control over your VH config, you can apply that there.
