Home  >  Article  >  Backend Development  >  How does PHP obtain the header information of a specified URL and hide and close it?

How does PHP obtain the header information of a specified URL and hide and close it?

autoload
autoloadforward
2021-03-24 15:10:343515browse

1. How to obtain the header information of the specified URL in PHP

Super simple, just one line of command:

<?php print_r(get_headers(&#39;https://www.mdaima.com&#39;));?>
 
Array
(
    [0] => HTTP/1.1 403 Forbidden
    [1] => Date: Sun, 24 Jan 2021 05:09:48 GMT
    [2] => Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1i PHP/7.3.26
    [3] => Content-Length: 199
    [4] => Connection: close
    [5] => Content-Type: text/html; charset=iso-8859-1
)

2. How to disable display or The method of hiding header information

is divided into two steps. The first step is to change expose_php = On in the PHP.ini file to expose_php = Off, after restarting Apache, take another look at

Array
(
    [0] => HTTP/1.1 403 Forbidden
    [1] => Date: Sun, 24 Jan 2021 05:10:50 GMT
    [2] => Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1i
    [3] => Content-Length: 199
    [4] => Connection: close
    [5] => Content-Type: text/html; charset=iso-8859-1
)

After restarting, we can see that the information about the PHP version is no longer displayed , but the information of Apache and service name is still displayed. We need to be more thorough to ensure safety. We need to add two instructions to Apache's httpd.conf. First, let's confirm whether there are the following two configuration instructions in Apache's httpd.conf file. If not, directly add two lines of data at the bottom of the configuration file.

ServerTokens Prod
ServerSignature Off

For the instruction configuration parameters of ServerTokens, please see the instructions below:

ServerTokens Prod   显示“Server: Apache”
ServerTokens Major  显示 “Server: Apache/2″
ServerTokens Minor  显示“Server: Apache/2.2″
ServerTokens Min   显示“Server: Apache/2.2.17″
ServerTokens OS   显示 “Server: Apache/2.2.17 (Unix)”
ServerTokens Full   显示 “Server: Apache/2.2.17 (Unix) PHP/5.3.5″ (如果未指定任何的值,这个是默认的返回信息)

Instructions for ServerSignature On:

           When set to On, when a user requests to access the webpage of our website that does not exist, the server will display an error message. The error message will include the name of the server and Apache at the bottom of the page. Version and other related information are displayed, which will provide some convenience for some unscrupulous people to exploit known version vulnerabilities. So we'd better not display this information, we can set this parameter to Off.

By modifying these two parameter configuration files, the final effect of obtaining header is as follows:

Array
(
    [0] => HTTP/1.1 403 Forbidden
    [1] => Date: Sun, 24 Jan 2021 04:54:49 GMT
    [2] => Server: Apache
    [3] => Content-Length: 258
    [4] => Connection: close
    [5] => Content-Type: text/html; charset=iso-8859-1
)

Recommended: "php video tutorial"《php tutorial

The above is the detailed content of How does PHP obtain the header information of a specified URL and hide and close it?. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:码代码-李雷博客. If there is any infringement, please contact admin@php.cn delete