How to hide the PHP version number on a Linux system server, the Linux version number
Typically, one of the Web servers that are installed with the default settings is information disclosure, which is PHP. PHP is now a popular service-side HTML embedded language (one?). )。 In today's challenging era, there are a number of attackers who try to discover vulnerabilities on your server. Therefore, I will briefly describe how to hide php information in a Linux server.
By default, expose_php is on by default. Turning off the "expose_php" parameter allows PHP to hide its version information.
[Root@centos66 ~]# Vi/etc/php.ini
In your php.ini, locate the line containing the expose_php and set it to OFF:
expose_php = Off
Until then, the Web server header looks like this:
[Root@centos66 ~]# curl-i http://www.ehowstuff.com/
http/1.1 OK server:nginx content-type:text/html; charset=utf-8 vary:accept-encoding x-powered-by:php/5.3.3 x-pingback:http://www.ehowstuff.com/xmlrpc.php date:wed, 14:10:43 GMT x-page-speed:1.9.32.2-4321 Cache-control:max-age=0, No-cache
After you change and restart the Web service, PHP does not display the version in the Web Service header:
http/1.1 OK Server:nginx date:wed, one 15:38:14 GMT content-type:text/html; charset=utf-8 Vary:accept-encoding x-pingback:http://www.ehowstuff.com/xmlrpc.php date:wed, 14:10:43 GMT x-page-speed:1.9.32.2-4321 cache-control:max-age=0, No-cache
http://www.bkjia.com/PHPjc/1012741.html www.bkjia.com true http://www.bkjia.com/PHPjc/1012741.html techarticle The method of hiding the PHP version number on a server on a Linux system, the Linux version number typically, there is information disclosure for most of the Web servers installed by default, one of which is PHP. PHP is like ...