Home > Backend Development > PHP Tutorial > How to hide the PHP version number on a Linux server_PHP Tutorial

How to hide the PHP version number on a Linux server_PHP Tutorial

WBOY
Release: 2016-07-13 09:51:45
Original
901 people have browsed it

How to hide the PHP version number on a Linux server

This article mainly introduces the method of hiding the PHP version number on a Linux server, which helps prevent Attackers launch attacks targeting vulnerabilities in the detailed version of PHP. Friends in need can refer to it

Usually, most web servers installed with default settings have information leakage, and one of them is PHP. PHP is one of the most popular server-side HTML embedded languages ​​today. In these challenging times, there are many attackers who will try to find vulnerabilities on your server. Therefore, I will briefly describe how to hide PHP information in a Linux server.

Expose_php is enabled by default. Turning off the "expose_php" parameter allows PHP to hide its version information.

 ?

1

[root@centos66 ~]# vi /etc/php.ini

1

[root@centos66 ~]# vi /etc/php.ini

1

expose_php = Off

In your php.ini, locate the line containing expose_php and set On to Off:

 ?

1

[root@centos66 ~]# curl -I http://www.ehowstuff.com/

1

1

2

3

4

5

6

7

8

9

HTTP/1.1 200 OK

Server: nginx

Content-Type: text/html; charset=UTF-8

Vary: Accept-Encoding

X-Powered-By: PHP/5.3.3

X-Pingback: http://www.ehowstuff.com/xmlrpc.php

Date: Wed, 11 Feb 2015 14:10:43 GMT

X-Page-Speed: 1.9.32.2-4321

Cache-Control: max-age=0, no-cache

expose_php = Off

Previously, the web server header looked like this:

1

2

3

4

5

6

7

8

9

HTTP/1.1 200 OK

Server: nginx

Date: Wed, 11 Feb 2015 15:38:14 GMT

Content-Type: text/html; charset=UTF-8

Vary: Accept-Encoding

X-Pingback: http://www.ehowstuff.com/xmlrpc.php

Date: Wed, 11 Feb 2015 14:10:43 GMT

X-Page-Speed: 1.9.32.2-4321

Cache-Control: max-age=0, no-cache

 ?
1

 ?
1 2 3 4 5
6
7 8 9
HTTP/1.1 200 OK Server: nginx Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding X-Powered-By: PHP/5.3.3 X-Pingback: http://www.ehowstuff.com/xmlrpc.php Date: Wed, 11 Feb 2015 14:10:43 GMT X-Page-Speed: 1.9.32.2-4321 Cache-Control: max-age=0, no-cache
After changing and restarting the web service, php will no longer display the version in the web service header:  ?
1 2 3 4 5 6 7 8 9 HTTP/1.1 200 OK Server: nginx Date: Wed, 11 Feb 2015 15:38:14 GMT Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding X-Pingback: http://www.ehowstuff.com/xmlrpc.php Date: Wed, 11 Feb 2015 14:10:43 GMT X-Page-Speed: 1.9.32.2-4321 Cache-Control: max-age=0, no-cache
http://www.bkjia.com/PHPjc/1012360.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/1012360.htmlTechArticleHow to hide the PHP version number on a Linux server This article mainly introduces how to hide the PHP version number on a Linux server The method of hiding the PHP version number helps prevent attackers from targeting the detailed version of PHP...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template