Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

FAQ
It is currently Fri Dec 14, 2018 12:09 am


Username:
Subject:
Message body:
Enter your message here, it may contain no more than 60000 characters. 

Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:
Font size:
 
Font colour
Options:
BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON
Disable BBCode
Disable smilies
Do not automatically parse URLs
Confirmation code
Confirmation code:
In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.
     

Topic review - Php hide/remove X-Powered-By HTTP header
Author Message
Post subject: Php hide/remove X-Powered-By HTTP header  |  Post Posted: Thu Jan 15, 2015 9:35 pm
Inspecting HTTP traffic at layer 7 on a fresh http/php web server yelds some interesting results: A php header that exposes the php version.
Here is http traffic as seen on the network with tcpdump:
Code:
Server: nginx
Date: Fri, 16 Jan 2015 00:11:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.20
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Content-Encoding: gzip


How to configure php from exposing "X-Powered-By" header:. Edit php.ini and change following value:
Code:
expose_php = off
Jump to:  
News News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO