Skip to main content

Server Security - Hide PHP Version

The PHP Configuration by default shows the PHP version in HTTP server header X-Powered-By to display the version installed on the server.

But for security reasons, it is generally recommended to hide the version info from attackers or hackers.

Sometimes versions has some vulnerabilities which help the attackers to find loop holes and gain access to your system. If the attacker knows the PHP version then it would be easier for them to exploit and find security holes.

Therefore in this article “Server Security – Hide PHP Version” I will be explaining how to hide PHP Version from the response header.

Suggested Read: Secure Apache Web Server

X-Powered By Header

To hide the version we need to open php.ini file in the file editor.

expose_php = On
expose_php = Off

You may find php.ini on the following locations

Debian/Ubuntu – /etc/php/7.0/cli/php.ini
CentOS – /etc/php.ini

Now locate expose_php and sets its value to Off

expose_php = off

Save the file and exit. Afterwards restart the server

$ sudo service httpd restart

$ sudo service apache2 restart

If you have any questions related to this article then leave your comments I will try to help you.

Labels:

Comments

Post a Comment

Popular posts from this blog

Automation - Update Naukri Profile Using Selenium

Recently one of my friend came to me with a problem. He is looking out for new job but he feels quite boring to update  his profile on daily basis. As some people says updating profile in the morning gives you more calls as it keeps the newly updated profile on top (Although i don’t know whether naukri works this way or not 😀 ). As i was more interested to solve his problem.  After listening his problem i came to solution that instead of updating it manually lets make this job automatic. And it is quite interesting how we can automate our daily boring task with automation. Another day i came with the solution . And the solution was to make it automatic using selenium (Those who are not aware about selenium do check this link) In short, Selenium is a Testing automation Framework. And it is for automating web applications for testing purposes, but is certainly not limited to just that. Boring web-based administration tasks can (and should) also be automated as well....
Post a Comment
Read more

Mi Selfie Stick Tripod (Bluetooth Remote) Review

Hello Readers, Today in this article, I am going to review Mi Selfie Stick Tripod (Bluetooth Remote) . I have purchased this selfie stick 4 months back. So I thought I should share my experience with this selfie stick. Before getting into details let me list down some of its features and specification. Features Tripod Detachable Bluetooth remote Light and compact Aluminum rod 360-degree rotating phone holder Specs Color: Black & White Weight: 155 grams Version: Android 4.3 or higher, iOS 5.0 or higher Bluetooth version: 3.0 Battery life: up to 50,000 clicks and charging time 1 to 2 hours Review Looks: The product looks premium and also lightweight. The best thing it can hold any smartphone easily. I have tested this with mi and oneplus5 and this works great. Tripod: It also comes with built-in tripod stand so you fix your smartphone and click pictures using Bluetooth remote. You can also use this tripod to record youtube videos etc. Quality & Weight: Overall I am impressed with...
Post a Comment
Read more

Shut Down the Computer using notepad

Open notepad >> Write @echo off msg * I am tired. shutdown -c “So, Bye Bye dear” -s >> Save the File as AnyName.bat When you will open this file, your Computer will Shut down on its own after showing the message in it. NOTE: FOR EDUCATIONAL PURPOSE ONLY.I AM NOT RESPONSIBLE FOR IF ANYTHING GOES WRONG…. 
Post a Comment
Read more