Bookmark and Share

phpIf you are a webmaster you know how  risky is having a live website browsed by thousands of readers a day. As a matter of fact, among these people there may be hackers who look for ways to breach and exploit your website or blog for their own goals. That’s why you have to be very careful when it comes to releasing information regarding  it. As a general rule, the less hackers know the better. An outdated version of software or  a flawed plugin may put your website in jeopardy. Most websites and blogs are hosted on served running PHP  code which is a language embedding HTML. Such a code is vital to run any site. By default, every request to a server will return to the browser a string containing information about PHP version. Let’s see how to hide and disable PHP version information thanks to a little, unknown trick!

Generally speaking, PHP code is rather secure. However, if your server is running an old, buggy PHP version, the version of the code could be used to breach your server and blog. Here is a simple trick to hide and disable PHP version information.

In the php.ini file locate the following command: expose_php. By default, it is set to on. Just turn it off.

expose_php = Off

In this way your server won’t return any information regarding the version of the PHP it is running.

Note: Please keep in mind that  making the PHP version available it is not considered to be a threat in any way. It is only dangerous if your server is running an outdated PHP version.

Related Articles Latest Articles

8 Comments to “How to hide php version information on servers”

  1. Web Talk Says:

    Thanks! I didn’t know about it at all. They have been tried to muzzle bloggers for a long time here. The actual government is not happy on how some bloggers refer to politicians in their blogs. That’s why they are trying to get the Alfano decree approved. Of course they tried to have it approved during the summer time when everybody is thinking about the beach or how to win at the Super Lotto!

  2. William Says:

    Yeah i posted a link in the above post to where i saw the story from our bbc news reports here in the uk.

    Apparently back in july there was a strike by Italian bloggers over a new law ( the Alfano decree)which will mean that if you had written something about somebody in a personal way or what they would believe to be personal about themselves in your blog, would put you in a situation where you have a certain amount of time (48hrs) to remove/edit your blog or face being fined upto 10,000 euros.

    So basically the Italian goverment is putting the same law on websites has there are on newspapers.

    I still do not know if this law has happened yet, if it does other Countries will follow with the same thing.



  3. Web Talk Says:

    Hi William! yes, I loved my holidays. I wish they lasted longer! 🙂 I haven’t heard anything over here about this strike. Can you enlight me?

  4. William Says:

    Whoops, i meant Alfano decree……….

  5. William Says:

    Its just that i read an article about the Alfonso decree at http://news.bbc.co.uk/1/hi/programmes/click_online/8197639.stm

    Would be a shame if this became law!



  6. William Says:

    Hi Frank, did you enjoy your holiday? & are the bloggers still on strike in Italy?


  7. Web Talk Says:

    Well, theorically speaking this trick works for both website hosting companies and private servers.

  8. William Says:

    Strange though it seems, i always assumed that a website hosted by a third party (website hosting company) would be much safer than just running the site yourself!



Copyright © 2007-2017 | Sitemap | Privacy | Back To Top
Best screen resolution 1280x800 or higher.
Web Talk is best viewed in Firefox.