How to hide PHP version in Linux server
|
Usually, most of the webservers installed with default settings have information leakage, and one of them is PHP. PHP is one of the popular server-side htmlembedded languages (one?). In these challenging times, there are many attackers who will try to find vulnerabilities on your server. Therefore, I will briefly describe how to hide PHP information in Linuxserver.
is on by default expose_php is on by default. Turning off the "expose_php" parameter allows php to hide its version information.
[root@centos66 ~]#vi /etc/php.ini
In your php.ini, locate the one containing expose_php That's OK Set On to Off:
expose_php = Off
Before that, webThe server header looks like Like this:
[root@centos66 ~]#curl -I http://www.ehowstuff.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Vary:Accept-Encoding
X-Powered-By
 HP/5.3.3X-Pingback: http: //www.ehowstuff.com/xmlrpc.php
Date: Wed, 11 Feb2015 14:10:43 GMT
X-Page-Speed:1.9.32.2-4321
Cache-Control: max-age=0, no-cache
After changing and restarting the Web service, php will not show the version in the web service header Got:
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
V ary:Accept-Encoding
X-Powered-By
HP/5.3.3 GMT
X-Page-Speed:1.9.32.2-4321
Cache-Control: max-age=0, no-cache
LCTTAnnotation: In addition to the version of PHP , the Web server will also be leaked by default version number. If you use Apache server, please refer to this article to turn off Apache version display; if you use Nginx server, please turn off http Add within paragraph server_tokens off; configuration. Please remember to restart related services for the above modifications.
Receive LAMP Brothers’ original PHP tutorial CD/"Essential PHP in Detail" for free. For details, please contact the official website customer service: http://www.lampbrother.net
PHPCMSSecondary development http://yun.itxdl.cn/online/phpcms/index.php?u=5
WeChat development =5
Mobile Internet Server Side Development http://yun.itxdl.cn/online/server/index.php?u=5
JavascriptCourse http: //yun.itxdl.cn/online/js/index.php?u=5
CTOTraining Camp u=5
|
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
Alipay PHP SDK transfer error: How to solve the problem of 'Cannot declare class SignData'?
Apr 01, 2025 am 07:21 AM
Alipay PHP...
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
Explain the concept of late static binding in PHP.
Mar 21, 2025 pm 01:33 PM
Article discusses late static binding (LSB) in PHP, introduced in PHP 5.3, allowing runtime resolution of static method calls for more flexible inheritance.Main issue: LSB vs. traditional polymorphism; LSB's practical applications and potential perfo
How does session hijacking work and how can you mitigate it in PHP?
Apr 06, 2025 am 12:02 AM
Session hijacking can be achieved through the following steps: 1. Obtain the session ID, 2. Use the session ID, 3. Keep the session active. The methods to prevent session hijacking in PHP include: 1. Use the session_regenerate_id() function to regenerate the session ID, 2. Store session data through the database, 3. Ensure that all session data is transmitted through HTTPS.
Describe the SOLID principles and how they apply to PHP development.
Apr 03, 2025 am 12:04 AM
The application of SOLID principle in PHP development includes: 1. Single responsibility principle (SRP): Each class is responsible for only one function. 2. Open and close principle (OCP): Changes are achieved through extension rather than modification. 3. Lisch's Substitution Principle (LSP): Subclasses can replace base classes without affecting program accuracy. 4. Interface isolation principle (ISP): Use fine-grained interfaces to avoid dependencies and unused methods. 5. Dependency inversion principle (DIP): High and low-level modules rely on abstraction and are implemented through dependency injection.
How to automatically set permissions of unixsocket after system restart?
Mar 31, 2025 pm 11:54 PM
How to automatically set the permissions of unixsocket after the system restarts. Every time the system restarts, we need to execute the following command to modify the permissions of unixsocket: sudo...
Explain late static binding in PHP (static::).
Apr 03, 2025 am 12:04 AM
Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.
How to debug CLI mode in PHPStorm?
Apr 01, 2025 pm 02:57 PM
How to debug CLI mode in PHPStorm? When developing with PHPStorm, sometimes we need to debug PHP in command line interface (CLI) mode...
