Set expose_php to Off in php.ini To Hide PHP Version Information on Web Server Set expose_php lai Off in php.ini slēpt PHP versija Informācija par Web Server
PHP (Hypertest Preprocessor) is a server-side HTML embedded scripting language that is very popular for web development. PHP (Hypertest Preprocessor) ir server-side HTML iegultās skriptu valoda, kas ir ļoti populāra interneta attīstību. When PHP is running on a web server, each and every request to the web server will return the following line of header with PHP version information to the browser. Kad PHP darbojas tīmekļa serverī, katru lūgumu, ko interneta serveri atgriezīsies šādu līniju header ar PHP versija informāciju pārlūku.
X-Powered-By: PHP/[version] X-Powered-By: PHP / [version]
The X-Powered-By header info is controlled by expose_php core php.ini directive. X-Powered-By header info kontrolē expose_php kodols php.ini directive. expose_php determines whether web server will report that PHP is being used to process the request, and what version of PHP is installed to every request. expose_php nosaka, vai interneta serveri, ziņo, ka PHP tiek lietots, lai izskatītu pieprasījumu, un to, ko versija PHP ir uzstādīts uz katru pieprasījumu. expose_php is enabled by default, so the information is sent on each HTTP and HTTPS request. expose_php ir iespējota pēc noklusējuma, tāpēc informācija ir nosūtīts uz katra HTTP un HTTPS pieprasījuma.
While PHP is generally reliable and secure, older and outdated versions of PHP may contain security holes and bugs. Lai gan PHP parasti ir uzticama un droša, gados vecākiem un novecojušas versijas PHP var ietvert drošības caurumiem un bugs. Although there is no problem leaving PHP version info exposed, and enable expose_php is not classified as security risk, but malicious hackers looking for potentially vulnerable targets can use PHP version installed on a web server to identify a weakness. Lai gan nav problēma atstāj PHP versija info pakļauti, un ļautu expose_php nav klasificēta kā drošības risku, bet ļaunprātīgas hackers meklējat potenciāli mazāk aizsargātiem mērķiem var izmantot PHP versija uzstādīts uz web serveri, lai identificētu vājumu. By turning off expose_php, the existence and version of PHP is hidden, and help lower threat to attacks that rely on simple reconnaissance techniques to scan for vulnerable targets. Ar izslēgšanās expose_php, ka pastāv un versiju PHP ir slēpta, un palīdzēs samazināt apdraud uzbrukumi, kuru pamatā ir vienkāršs izpētes metodes, lai skenēšanas neaizsargātiem mērķiem. Although websites not using SEO-optimized URL structures may still potentially been seen by human as running PHP from link location (eg index.php?variable=value), but bots and automated scripts from novice attackers may be fooled. Lai arī mājas lapas neizmanto SEO-optimizēta URL struktūras vēl var potenciāli ir redzams cilvēka kā ekspluatācijas PHP no saite atrašanās vieta (piem., index.php? Mainīgais = vērtība), bet robotprogrammatūras un automatizētā skriptus no iesācēju attackers var fooled.
So it's recommended disable and turn expose_php off. Tāpēc ir ieteicams disable un savukārt expose_php off. Webmasters can disable expose_php in the php.ini file, usually located in /etc, /usr/lib, /usr/local/lib or /usr/local/lib/php/: Webmasters var atspējot expose_php ar php.ini failu, kas parasti atrodas / etc, / usr / pārliecinamies, / usr / local / pārliecinamies vai / usr / local / pārliecinamies / php /:
; Disable expose_php for security reasons ; Disable expose_php drošības apsvērumu dēļ
expose_php = Off expose_php = Off
Tip: Setting expose_php to Off in php.ini does not prevent or stop php_info() function from executing. Padoms: Setting expose_php uz izslēgšanas in php.ini nekavē vai pārtraukt php_info () funkciju izpildes.
IMPORTANT : The page is machine translated and provided "as is" without warranty. SVARĪGI: Šī lapa ir mašīna tulkoto un ar nosacījumu ", kas ir" bez garantijas. Machine translation may be difficult to understand. Machine translation var būt grūti saprast. Please refer to Lūdzu, skatiet original English article oriģināls angļu rakstu whenever possible. kad vien iespējams.
Related Articles Saistītie raksti
- Install and Run IIS (Internet Information Services) Server 7 in Vista Instalēt un Run IIS (Internet Information Services) Server 7 in Vista
- Windows Vista SP2 and Windows Server 2008 SP2 Beta Information Page at KB948465 Windows Vista SP2 un Windows Server 2008 SP2 Beta Informācija lapā KB948465
- CTP Version of SQL Server 2008 Service Pack 1 (SP1) Available For Download CTP versija SQL Server 2008 Service Pack 1 (SP1), kas ir pieejami Download
- Apple's Remote Application Enables iPhone and iPod Touch Media Server Control Through iTune 7.7 Beta Version Apple Remote Application Ļauj IPHONE un iPod Touch Media Server kontrolei ar iTune 7,7 Beta versija
- Streamline and Downsize Time Freezing Version of mini KMS Server VM Image for Local KMS Activation Hack Racionalizēt un samazināt Time Freezing Version mini km Server VM Image for Local km Aktiv Hack
- Download Hide Folders to Hide Sensitive Data in Windows System Download Hide Mapes slēpt Jutīgi dati Windows System
- cPanel WHM Failed to Receive Status Information From Apache Error cPanel WHM Neizdevās Receive Statuss Informācija no Apache kļūdu
- Download Free Windows Embedded Server Products with Product Key to Develop Dedicated Server Download Bezmaksas Windows Embedded Server Produkti ar Product Key attīstīt Dedicated Server
- Display USB Devices Detailed Information with USBDeview Displejs USB Devices Sīkāka informācija ar USBDeview
- Information on WGA Validation Tool (KB892130), WGA Notifications (KB905474) and Office Genuine Advantage (OGA) Informācija par WGA Validation Tool (KB892130), WGA Notifications (KB905474) un Office Genuine Advantage (Oga)
