隐藏apache和php的版本信息配置方法
隐藏apache和php的版本信息,web server避免一些不必要的麻烦,可以把apache和php的版本信息不显示
隐藏 Apache 版本信息
/etc/apache2/apache2.conf 或 /etc/httpd/conf/httpd.conf
ServerTokens ProductOnly
ServerSignature Off
重启 apache
现在 http 头里面只看到:
Server: Apache
隐藏 PHP 版本
php.ini
expose_php On
改成
expose_php Off
重启apache后,php版本在http头中隐藏了。
详解 :
为了防止某些别有用心的家伙窥视我们的服务器,应该做些什么.
我们来看一下相关的2个参数,分别为ServerTokens和ServerSignature,通过控制这2个阀门应该就能起到一些作用,比如我们可以在配置文件中这么写:
ServerTokens Prod
ServerSignature Off
ServerTokens
用于控制服务器是否相应来自客户端的请求,向客户端输出服务器系统类型或内置模块等重要的系统信息。 在主配置文件中提供全局控制默认阀值为"Full"(ServerTokens Full),所以,如果你的Linux发行版本没有更改过这个阀值的话,所有与你的系统有关的敏感信息都会向全世界公开。比如RHEL会将该 阀值更改为"ServerTokens OS",而Debian依然使用默认的"Full"阀值
以apache-2.0.55为例,阀值可以设定为以下某项(后面为相对应的Banner Header):
Prod >>> Server: Apache
Major >>> Server: Apache/2
Minor >>> Server: Apache/2.0
Minimal >>> Server: Apache/2.0.55
OS >>> Server: Apache/2.0.55 (Debian)
Full (or not specified) default >>> Server: Apache/2.0.55 (Debian) PHP/5.1.2-1+b1 mod_ssl/2.0.55 OpenSSL/0.9.8b
ServerSignature
控制由系统生成的页面(错误信息,mod_proxy ftp directory listing等等)的页脚中如何显示信息。
可在全局设置文件中控制,或是通过.htaccess文件控制
默认为"off"(ServerSignature Off),有些Linux发行版本可能会打开这个阀门,比如Debian在默认的虚拟主机上默认将这个阀门设置为开放
全局阀门的阀值会被虚拟主机或目录单位的配置文件中的阀值所覆盖,所以,必须确保这样的事情不应该发生 .
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1384
52
PHP and Python: Comparing Two Popular Programming Languages
Apr 14, 2025 am 12:13 AM
PHP and Python each have their own advantages, and choose according to project requirements. 1.PHP is suitable for web development, especially for rapid development and maintenance of websites. 2. Python is suitable for data science, machine learning and artificial intelligence, with concise syntax and suitable for beginners.
PHP's Current Status: A Look at Web Development Trends
Apr 13, 2025 am 12:20 AM
PHP remains important in modern web development, especially in content management and e-commerce platforms. 1) PHP has a rich ecosystem and strong framework support, such as Laravel and Symfony. 2) Performance optimization can be achieved through OPcache and Nginx. 3) PHP8.0 introduces JIT compiler to improve performance. 4) Cloud-native applications are deployed through Docker and Kubernetes to improve flexibility and scalability.
How to set the cgi directory in apache
Apr 13, 2025 pm 01:18 PM
To set up a CGI directory in Apache, you need to perform the following steps: Create a CGI directory such as "cgi-bin", and grant Apache write permissions. Add the "ScriptAlias" directive block in the Apache configuration file to map the CGI directory to the "/cgi-bin" URL. Restart Apache.
PHP: The Foundation of Many Websites
Apr 13, 2025 am 12:07 AM
The reasons why PHP is the preferred technology stack for many websites include its ease of use, strong community support, and widespread use. 1) Easy to learn and use, suitable for beginners. 2) Have a huge developer community and rich resources. 3) Widely used in WordPress, Drupal and other platforms. 4) Integrate tightly with web servers to simplify development deployment.
PHP: A Key Language for Web Development
Apr 13, 2025 am 12:08 AM
PHP is a scripting language widely used on the server side, especially suitable for web development. 1.PHP can embed HTML, process HTTP requests and responses, and supports a variety of databases. 2.PHP is used to generate dynamic web content, process form data, access databases, etc., with strong community support and open source resources. 3. PHP is an interpreted language, and the execution process includes lexical analysis, grammatical analysis, compilation and execution. 4.PHP can be combined with MySQL for advanced applications such as user registration systems. 5. When debugging PHP, you can use functions such as error_reporting() and var_dump(). 6. Optimize PHP code to use caching mechanisms, optimize database queries and use built-in functions. 7
How to start apache
Apr 13, 2025 pm 01:06 PM
The steps to start Apache are as follows: Install Apache (command: sudo apt-get install apache2 or download it from the official website) Start Apache (Linux: sudo systemctl start apache2; Windows: Right-click the "Apache2.4" service and select "Start") Check whether it has been started (Linux: sudo systemctl status apache2; Windows: Check the status of the "Apache2.4" service in the service manager) Enable boot automatically (optional, Linux: sudo systemctl
How to check Debian OpenSSL configuration
Apr 12, 2025 pm 11:57 PM
This article introduces several methods to check the OpenSSL configuration of the Debian system to help you quickly grasp the security status of the system. 1. Confirm the OpenSSL version First, verify whether OpenSSL has been installed and version information. Enter the following command in the terminal: If opensslversion is not installed, the system will prompt an error. 2. View the configuration file. The main configuration file of OpenSSL is usually located in /etc/ssl/openssl.cnf. You can use a text editor (such as nano) to view: sudonano/etc/ssl/openssl.cnf This file contains important configuration information such as key, certificate path, and encryption algorithm. 3. Utilize OPE
PHP vs. Python: Core Features and Functionality
Apr 13, 2025 am 12:16 AM
PHP and Python each have their own advantages and are suitable for different scenarios. 1.PHP is suitable for web development and provides built-in web servers and rich function libraries. 2. Python is suitable for data science and machine learning, with concise syntax and a powerful standard library. When choosing, it should be decided based on project requirements.
