The General browser displays information about the server execution script or server version, such as:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/6D/D1/wKiom1VsJvPTpdFaAAHeQPMkoQ0036.jpg "title=" Qq20150601173259.jpg "alt=" Wkiom1vsjvptpdfaaaheqpmkoq0036.jpg "/>
While this facilitates debugging viewing, it exposes too much information about the server. Practical applications are best to close this information. Prevent those who have ulterior motives from doing damage.
PHP Stealth Method:
Document Address: http://php.net/manual/zh/ini.core.php#ini.expose-php
Modify PHP.ini
expose_php on
Change into
expose_php OFF
Restart the server. If there is no effect, you need to check if the modified php.ini is the current PHP-loaded configuration file.
Varnish Hidden methods:
Modify the DEFAULT.VCL configuration file.
Locate or add the Vcl_deliver subroutine with the following code:
Sub Vcl_deliver {unset resp.http.Via;//varnish display version information by default unset resp.http.x-varnish; Varnish default set resp.http.server= "No-server"; Backend server version information, such as: apache/2.4.4 (Win64)}
The first two lines of code is to delete the varnish default information header, the last line is to modify the backend server header, restart varnish
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6D/DA/wKiom1VtT16x6ZHxAAGvVcPrCkY214.jpg "title=" Qq20150602143750.jpg "alt=" Wkiom1vtt16x6zhxaagvvcprcky214.jpg "/>
Of course, you can also delete the Server display,
Set resp.http.server= "No-server";
Revision changed to
Unset resp.http.Server;
In the Vcl_deliver subroutine, you can modify the Add response header information arbitrarily, so there is varnish in the server and the back-end server does not need to modify the hidden configuration.
Apache Stealth Method:
Document Address: Http://httpd.apache.org/docs/2.2/mod/core.html#servertokens
After the 2.0.44 version, modify the http.conf servertokens directive:
Servertokens Prod[uctonly]
The server will send (for example): Server:apache
Servertokens Major
The server will send (for example): SERVER:APACHE/2
Servertokens Minor
The server will send (for example): server:apache/2.0
Servertokens Min[imal]
The server will send (for example): server:apache/2.0.41
Servertokens OS
The server will send (for example): server:apache/2.0.41 (Unix)
Servertokens full (or unspecified)
The server will send (for example): server:apache/2.0.41 (Unix) php/4.2.2 mymod/1.2
This setting acts on the entire server and cannot be used in the configuration segment of the virtual host.
Modify the value of the servertokens as needed, and then restart the server.
Nginx Hiding method:
Modify nginx.conf Add the following code to the file and modify it if it exists
Server_tokens off;
Restart the server to
This article is from the "gangbusters" blog, make sure to keep this source http://php2012web.blog.51cto.com/5585213/1657501
Hide Php,apache,varnish,nginx version information in the browser