简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Article  >  Backend Development  >  How to hide PHP version in Linux server

How to hide PHP version in Linux server

WBOY
WBOYOriginal
2016-07-25 08:51:15966browse
Usually, most of the webservers installed with default settings have information leakage, and one of them is PHP. PHP is one of the popular server-side htmlembedded languages ​​(one?). In these challenging times, there are many attackers who will try to find vulnerabilities on your server. Therefore, I will briefly describe how to hide PHP information in Linuxserver.
is on by default expose_php is on by default. Turning off the "expose_php" parameter allows php to hide its version information.
[root@centos66 ~]#vi /etc/php.ini
In your php.ini, locate the one containing expose_php That's OK Set On to Off:
expose_php = Off
Before that, webThe server header looks like Like this:
[root@centos66 ~]#curl -I http://www.ehowstuff.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Vary:Accept-Encoding
X-Powered-ByHP/5.3.3
X-Pingback: http: //www.ehowstuff.com/xmlrpc.php
Date: Wed, 11 Feb2015 14:10:43 GMT
X-Page-Speed:1.9.32.2-4321
Cache-Control: max-age=0, no-cache
After changing and restarting the Web service, php will not show the version in the web service header Got:
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
V ary:Accept-Encoding
X-Powered-ByHP/5.3.3
GMT
X-Page-Speed:1.9.32.2-4321
Cache-Control: max-age=0, no-cache
LCTTAnnotation: In addition to the version of PHP , the Web server will also be leaked by default version number. If you use Apache server, please refer to this article to turn off Apache version display; if you use Nginx server, please turn off http Add within paragraph server_tokens off; configuration. Please remember to restart related services for the above modifications.
Receive LAMP Brothers’ original PHP tutorial CD/"Essential PHP in Detail" for free. For details, please contact the official website customer service: http://www.lampbrother.net
PHPCMSSecondary development http://yun.itxdl.cn/online/phpcms/index.php?u=5
WeChat development                                                                             =5
Mobile Internet Server Side Development http://yun.itxdl.cn/online/server/index.php?u=5
JavascriptCourse http: //yun.itxdl.cn/online/js/index.php?u=5
CTOTraining Camp                                                                 u=5

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Seven misconceptions about HTTPSNext article:Seven misconceptions about HTTPS

Related articles

See more