How to hide the PHP version number on a Linux system server, Linux version number _php tutorial

How to hide the PHP version number on a Linux system server, the Linux version number

Typically, one of the Web servers that are installed with the default settings is information disclosure, which is PHP. PHP is now a popular service-side HTML embedded language (one?). ）。 In today's challenging era, there are a number of attackers who try to discover vulnerabilities on your server. Therefore, I will briefly describe how to hide php information in a Linux server.

By default, expose_php is on by default. Turning off the "expose_php" parameter allows PHP to hide its version information.

[Root@centos66 ~]# Vi/etc/php.ini

In your php.ini, locate the line containing the expose_php and set it to OFF:

expose_php = Off

Until then, the Web server header looks like this:

  [Root@centos66 ~]# curl-i http://www.ehowstuff.com/

  http/1.1 OK  server:nginx  content-type:text/html; charset=utf-8  vary:accept-encoding  x-powered-by:php/5.3.3  x-pingback:http://www.ehowstuff.com/xmlrpc.php  date:wed, 14:10:43 GMT  x-page-speed:1.9.32.2-4321  Cache-control:max-age=0, No-cache

After you change and restart the Web service, PHP does not display the version in the Web Service header:

  http/1.1 OK  Server:nginx  date:wed, one 15:38:14 GMT  content-type:text/html; charset=utf-8  Vary:accept-encoding  x-pingback:http://www.ehowstuff.com/xmlrpc.php  date:wed, 14:10:43 GMT  x-page-speed:1.9.32.2-4321  cache-control:max-age=0, No-cache

http://www.bkjia.com/PHPjc/1012741.html www.bkjia.com true http://www.bkjia.com/PHPjc/1012741.html techarticle The method of hiding the PHP version number on a server on a Linux system, the Linux version number typically, there is information disclosure for most of the Web servers installed by default, one of which is PHP. PHP is like ...

