Set expose_php to Off in php.ini To Hide PHP Version Information on Web Server Nastavi expose_php do izklopa v php.ini skriti PHP Version Podatki o Web Server
PHP (Hypertest Preprocessor) is a server-side HTML embedded scripting language that is very popular for web development. PHP (Hypertest Preprocessor) je server-side HTML vgrajeni skriptnega jezika, ki je zelo priljubljen za web development. When PHP is running on a web server, each and every request to the web server will return the following line of header with PHP version information to the browser. Pri PHP se izvaja na spletnem strežniku, vsak zahtevek za spletni strežnik bo vrnil naslednji vrstici glave s PHP različice informacije brskalnik.
X-Powered-By: PHP/[version] X-Powered-By: PHP / [besedilo]
The X-Powered-By header info is controlled by expose_php core php.ini directive. The X-Powered-By header info nadzoruje expose_php jedro php.ini direktivo. expose_php determines whether web server will report that PHP is being used to process the request, and what version of PHP is installed to every request. expose_php ugotovi, ali je spletni strežnik se bo poročila, da PHP se uporabi za obdelavo zahtevka, in kaj različica PHP je nameščen na vsaki zahtevi. expose_php is enabled by default, so the information is sent on each HTTP and HTTPS request. expose_php je omogočena kot privzeto, tako da se ta informacija pošlje na vsak HTTP in HTTPS zahtevo.
While PHP is generally reliable and secure, older and outdated versions of PHP may contain security holes and bugs. Medtem ko PHP je splošno zanesljivi in varni, starejših in zastarela različica PHP lahko vsebuje varnostne luknje in hrošči. Although there is no problem leaving PHP version info exposed, and enable expose_php is not classified as security risk, but malicious hackers looking for potentially vulnerable targets can use PHP version installed on a web server to identify a weakness. Čeprav ni nobenega problema zapustijo PHP različice info izpostavljeni, in omogočiti expose_php ni razvrščena kot varnostno tveganje, vendar zlonamerni hekerji iščejo potencialno ranljive cilje lahko uporabite PHP različice nameščene na spletni strežnik za prepoznavanje šibkosti. By turning off expose_php, the existence and version of PHP is hidden, and help lower threat to attacks that rely on simple reconnaissance techniques to scan for vulnerable targets. Z izklopom expose_php, obstoj in različica PHP je skrit, in pomoč nižje grožnjo napadov, ki se opirajo na preproste izvidovanje tehnike skeniranja za ranljive cilje. Although websites not using SEO-optimized URL structures may still potentially been seen by human as running PHP from link location (eg index.php?variable=value), but bots and automated scripts from novice attackers may be fooled. Čeprav so spletne strani ne uporabljate SEO-optimized URL strukture morda še vedno lahko bil viden ljudi kot teče PHP s povezavo lokacijo (npr. index.php? Spremenljivka = vrednost), vendar pošto in avtomatizirani skripte iz novice napadači maj obstati bedastoča.
So it's recommended disable and turn expose_php off. Torej je priporočljivo, onemogočite in nato expose_php off. Webmasters can disable expose_php in the php.ini file, usually located in /etc, /usr/lib, /usr/local/lib or /usr/local/lib/php/: Webmasters lahko preprečite expose_php v php.ini datoteko, ponavadi se nahaja v / etc, / usr / lib, / usr / local / lib in / usr / local / lib / php /:
; Disable expose_php for security reasons ; Onemogoči expose_php zaradi varnostnih razlogov
expose_php = Off expose_php = Off
Tip: Setting expose_php to Off in php.ini does not prevent or stop php_info() function from executing. Nasvet: Nastavljanje expose_php do izklopa v php.ini ne prepreči ali ustavi php_info () funkcijo od izvršitve.
IMPORTANT : The page is machine translated and provided "as is" without warranty. POMEMBNO: Ta stran je stroj prevod in če "kot je" brez garancije. Machine translation may be difficult to understand. Strojno prevajanje je lahko težko razumeti. Please refer to Prosimo, da original English article original English članek whenever possible. kadar je to mogoče.
Related Articles Sorodni članki
- Install and Run IIS (Internet Information Services) Server 7 in Vista Namestite in zaženite storitve IIS (Internet Information Services) Server 7 v Vista
- Windows Vista SP2 and Windows Server 2008 SP2 Beta Information Page at KB948465 Windows Vista s servisnim paketom SP2 in Windows Server 2008 s servisnim paketom SP2 Beta Informacije Page na KB948465
- CTP Version of SQL Server 2008 Service Pack 1 (SP1) Available For Download CTP različica SQL Server 2008 Service Pack 1 (SP1), na voljo za download
- Apple's Remote Application Enables iPhone and iPod Touch Media Server Control Through iTune 7.7 Beta Version Apple's Remote Application Omogoča iPhone in iPod Touch Media Server Control Through iTune 7,7 Beta Version
- Streamline and Downsize Time Freezing Version of mini KMS Server VM Image for Local KMS Activation Hack Racionalizacijo in zmanjšanje Čas zamrzovanja Verzija mini KMS Server VM slike za lokalno KMS Activation Hack
- Download Hide Folders to Hide Sensitive Data in Windows System Download Skrij Mape za Skrij občutljivih podatkov v operacijskem sistemu Windows
- cPanel WHM Failed to Receive Status Information From Apache Error cPanel WHM Neuspjela Receive Status Informacije Iz Apache Napaka
- Download Free Windows Embedded Server Products with Product Key to Develop Dedicated Server Download Free Windows Embedded Server Izdelki s ključa izdelka za razvoj Dedicated Server
- Display USB Devices Detailed Information with USBDeview Prikaži USB Devices podrobne informacije s USBDeview
- Information on WGA Validation Tool (KB892130), WGA Notifications (KB905474) and Office Genuine Advantage (OGA) Informacije o WGA Validation Tool (KB892130), WGA Notifications (KB905474) in Office Genuine Advantage (OGA)
