Set expose_php to Off in php.ini To Hide PHP Version Information on Web Server Postavi expose_php na Isključeno in php.ini za skrivanje PHP Version Informacije na web server
PHP (Hypertest Preprocessor) is a server-side HTML embedded scripting language that is very popular for web development. PHP (Hypertest Preprocessor) je poslužitelj HTML-embedded scripting strani jezik koji je vrlo popularan za web razvoj. When PHP is running on a web server, each and every request to the web server will return the following line of header with PHP version information to the browser. Kada PHP se prikazuju na web-poslužitelju, svaki zahtjev za web poslužitelj će vratiti sljedeći redak zaglavlja sa PHP verzijom informacijama u pregledniku.
X-Powered-By: PHP/[version] X-Powered-By: PHP / [version]
The X-Powered-By header info is controlled by expose_php core php.ini directive. The X-Powered-By header info kontrolira expose_php core php.ini direktive. expose_php determines whether web server will report that PHP is being used to process the request, and what version of PHP is installed to every request. expose_php određuje da li će web server PHP izvještaj koji se koristi za obradu zahtjeva, a što verzija PHP je instaliran na svaki zahtjev. expose_php is enabled by default, so the information is sent on each HTTP and HTTPS request. expose_php je omogućen kod standardne postave, tako da se podaci šalju na svakoj HTTP i HTTPS zahtjev.
While PHP is generally reliable and secure, older and outdated versions of PHP may contain security holes and bugs. PHP Iako je općenito pouzdan i siguran, starije i zastarjele verzije PHP svibanj sadrže sigurnosna rupa i bugova. Although there is no problem leaving PHP version info exposed, and enable expose_php is not classified as security risk, but malicious hackers looking for potentially vulnerable targets can use PHP version installed on a web server to identify a weakness. Iako ne postoji problem napuštanja PHP verzija info izložen, i omogućiti expose_php nije klasificiran kao sigurnosni rizik, ali zlonamjeran Hackers potrazi za potencijalno ranjive mete mogu koristiti PHP verzija instalirana na web server prepoznati slabost. By turning off expose_php, the existence and version of PHP is hidden, and help lower threat to attacks that rely on simple reconnaissance techniques to scan for vulnerable targets. By isključivanja expose_php, postojanje i verzija PHP je skrivena, i pomoći pri ublažavanju prijetnja napada koji se oslanjaju na jednostavan izviđaj tehnike skeniranja za ranjive ciljeva. Although websites not using SEO-optimized URL structures may still potentially been seen by human as running PHP from link location (eg index.php?variable=value), but bots and automated scripts from novice attackers may be fooled. Iako su web stranice ne koristite SEO optimizirano URL strukture svibanj potencijalno još nisu viđeni ljudskim kao trčanje od PHP link lokaciji (npr. index.php? Varijabla = vrijednost), ali robota i automatiziranih skripti iz iskušenik Napadači svibanj biti prevaren.
So it's recommended disable and turn expose_php off. Tako da je preporučeno onemogućiti i skrenite expose_php off. Webmasters can disable expose_php in the php.ini file, usually located in /etc, /usr/lib, /usr/local/lib or /usr/local/lib/php/: Webmasteri mogu onemogućiti expose_php u php.ini datoteke, obično se nalaze u / etc / usr / lib / usr / local / lib ili / usr / local / lib / php /:
; Disable expose_php for security reasons ; Expose_php Onemogućite iz sigurnosnih razloga
expose_php = Off expose_php = Isključeno
Tip: Setting expose_php to Off in php.ini does not prevent or stop php_info() function from executing. Savjet: Postavljanje expose_php na Isključeno in php.ini ne spriječi ili zaustavi php_info () funkciji od izvršavanju.
IMPORTANT : The page is machine translated and provided "as is" without warranty. VAŽNO: Na stranici je stroj prevedeno i dostavlja "kakav je" sa garantni. Machine translation may be difficult to understand. Strojno prevođenje svibanj biti teško za razumjeti. Please refer to Molimo pogledajte original English article Engleski originalni članak whenever possible. kad god je to moguće.
Related Articles Povezani članci
- Install and Run IIS (Internet Information Services) Server 7 in Vista Instaliraj i Trčanje IIS (Internet Information Services) Server 7 u Vista
- Windows Vista SP2 and Windows Server 2008 SP2 Beta Information Page at KB948465 Windows Vidik SP2 i Windows Server 2008 SP2 Beta Page Information at KB948465
- CTP Version of SQL Server 2008 Service Pack 1 (SP1) Available For Download CTP verzija SQL Server 2008 Service Pack 1 (SP1) dostupna za preuzimanje
- Apple's Remote Application Enables iPhone and iPod Touch Media Server Control Through iTune 7.7 Beta Version Primijeniti na Maknuti Aplikacija Omogućuje iPhone i iPod Touch Media Server Control Through iTune 7,7 Beta Version
- Streamline and Downsize Time Freezing Version of mini KMS Server VM Image for Local KMS Activation Hack Strujnički i smanjiti Vrijeme Hladan Inačici mini KMS Poslužitelj VM sliku za Lokalni KMS Potaknuće Hack
- Download Hide Folders to Hide Sensitive Data in Windows System Download Hide Mape za skrivanje osjetljive podatke u Windowsima Sistem
- cPanel WHM Failed to Receive Status Information From Apache Error cPanel WHM Failed to Primiti Stanje informacije od Apache Greška
- Download Free Windows Embedded Server Products with Product Key to Develop Dedicated Server Preuzimanje datoteka Slobodan Windows Embedded Server Proizvodi s Proizvod Ključ Razviti namjenski poslužnik
- Display USB Devices Detailed Information with USBDeview Pokaži detaljne podatke USB uređaji sa USBDeview
- Information on WGA Validation Tool (KB892130), WGA Notifications (KB905474) and Office Genuine Advantage (OGA) Informacije o WGA Provjera valjanosti Alat (KB892130), WGA Obavijesti (KB905474) i Office Genuine Advantage (OGA)
