How to hide the PHP version number on a Linux Server

Source: Internet
Author: User

How to hide the PHP version number on a Linux Server

This article mainly introduces how to hide the PHP version number on a Linux server, which helps prevent attacks initiated by attackers against PHP detailed version vulnerabilities. For more information, see

In general, information leakage exists on most web Servers installed by default, one of which is PHP. PHP is now a popular server-side html embedded language ?). In today's challenging age, many attackers attempt to discover vulnerabilities on your server. Therefore, I will briefly describe how to hide PHP information on a Linux server.

Expose_php is enabled by default. Disable the "expose_php" parameter so that php can hide its version information.

?

1

[Root @ centos66 ~] # Vi/etc/php. ini

In your php. ini, locate the line containing expose_php and set On to Off:

?

1

Expose_php = Off

Before that, the web server header looks like this:

?

1

[Root @ centos66 ~] # Curl-I http://www.ehowstuff.com/

?

1

2

3

4

5

6

7

8

9

HTTP/1.1 200 OK

Server: nginx

Content-Type: text/html; charset = UTF-8

Vary: Accept-Encoding

X-Powered-By: PHP/5.3.3

X-Pingback: http://www.ehowstuff.com/xmlrpc.php

Date: Wed, 11 Feb 2015 14:10:43 GMT

X-Page-Speed: 1.9.32.2-4321

Cache-Control: max-age = 0, no-cache

After changing and restarting the Web service, php will not display the version in the web Service header:

?

1

2

3

4

5

6

7

8

9

HTTP/1.1 200 OK

Server: nginx

Date: Wed, 11 Feb 2015 15:38:14 GMT

Content-Type: text/html; charset = UTF-8

Vary: Accept-Encoding

X-Pingback: http://www.ehowstuff.com/xmlrpc.php

Date: Wed, 11 Feb 2015 14:10:43 GMT

X-Page-Speed: 1.9.32.2-4321

Cache-Control: max-age = 0, no-cache

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.