2/26/2013
Hide php version and apache version
Most of hacker may find the bug based on apache version and hack the server.
So you had better hide the apache version.
By default, the apache will send apache version to client in every http header.
Another, the php will send the php version to client.
Now I give the way how to hide the apache version and php version
1. Hide apache version
ServerTokens controls whether Server response header field, which is sent back to clients, includes a descriptions of the generic OS-type of the server.
open httpd.conf and change
ServerSignature On => ServerSignature Off
ServerTokens os=>ProductOnly
2. Hide php version
expose_php = On =>expose_php = Off
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment