PHP : Hide PHP version information from curl
By default, PHP will expose its version information when query by curl -I
and you may want to hide the version information to prevent a potential attacker from gaining more information.
For example:
localhost:~ admin$ curl -I https://www.socketloop.com
HTTP/1.1 200 OK
Server: nginx/1.4.6
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.25
<------ hereAccess-Control-Allow-Credentials: true
Date: Thu, 14 Aug 2014 12:21:40 GMT
Cache-Control: max-age=0, no-cache
To turn off the version information. Do the following on the webserver's PHP configuration :
vi /etc/php.ini
look for expose_php = On
line
change it to expose_php = Off
and this will cause PHP not to send over the version information when queried.
By Adam Ng
IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.
Advertisement
Tutorials
+5.4k PHP : Convert string to timestamp or datestamp before storing to database(MariaDB/MySQL)
+9.2k Golang : Accessing content anonymously with Tor
+5.1k Golang : Generate Interleaved 2 inch by 5 inch barcode
+22.8k Golang : Randomly pick an item from a slice/array example
+20.5k PHP : Convert(cast) int to double/float
+10k Golang : Embed secret text string into binary(executable) file
+8.7k Golang : Sort lines of text example
+8.4k Golang : Convert(cast) []byte to io.Reader type
+3.4k Golang : Switch Redis database redis.NewClient
+10.3k Golang : Select region of interest with mouse click and crop from image
+22.6k Golang : Gorilla mux routing example
+9.7k Golang : Ordinal and Ordinalize a given number to the English ordinal numeral