Set expose_php to Off in php.ini To Hide PHP Version Information on Web Server Itakda ang expose_php sa Sarado sa php.ini Upang Itago PHP Version Impormasyon sa Web Server
PHP (Hypertest Preprocessor) is a server-side HTML embedded scripting language that is very popular for web development. PHP (Hypertest Preprocessor) ay isang server-side na HTML-embed ang scripting wika na ito ay napaka-popular para sa mga web development. When PHP is running on a web server, each and every request to the web server will return the following line of header with PHP version information to the browser. Kapag ang PHP ay tumatakbo sa isang web server, ang bawat isa at ang bawat kahilingan sa web server ay babalik ang mga sumusunod na linya ng header sa PHP bersyon impormasyon sa browser.
X-Powered-By: PHP/[version] X-Powered-By: PHP / [bersyon]
The X-Powered-By header info is controlled by expose_php core php.ini directive. Ang X-Powered By-header info ay kinokontrol ng expose_php pangunahing php.ini nagtuturo. expose_php determines whether web server will report that PHP is being used to process the request, and what version of PHP is installed to every request. expose_php nagtatakda kung web server ay ulat na PHP ay ginagamit upang i-proseso ang kahilingan, at kung ano ang bersyon ng PHP ay na-install sa bawat kahilingan. expose_php is enabled by default, so the information is sent on each HTTP and HTTPS request. expose_php ay naka-enable sa pamamagitan ng default, kaya ang impormasyon ay naipadala sa bawat HTTP at HTTPS kahilingan.
While PHP is generally reliable and secure, older and outdated versions of PHP may contain security holes and bugs. Habang PHP ay maaasahan at ligtas, mas matanda pa at lumang bersyon ng PHP ay maaaring maglaman ng seguridad butas at bugs. Although there is no problem leaving PHP version info exposed, and enable expose_php is not classified as security risk, but malicious hackers looking for potentially vulnerable targets can use PHP version installed on a web server to identify a weakness. Kahit na walang problema Aalis PHP bersyon info napakita, at paganahin ang expose_php na ito ay hindi-uri-uri bilang seguridad panganib, ngunit malisyosong hackers naghahanap ng mga potensyal na masusugatan target ay maaaring gumamit ng PHP bersyon-install sa isang web server upang tukuyin ang isang kahinaan. By turning off expose_php, the existence and version of PHP is hidden, and help lower threat to attacks that rely on simple reconnaissance techniques to scan for vulnerable targets. Sa pamamagitan ng isara expose_php, ang buhay at bersyon ng PHP ay nakatago, at tulong na mas mababa pananakot sa atake na umaasa sa mga simpleng pamamaraan na pagmamanman sa kilos ng kaaway sa pag-scan para sa mga masusugatan pinupuntirya. Although websites not using SEO-optimized URL structures may still potentially been seen by human as running PHP from link location (eg index.php?variable=value), but bots and automated scripts from novice attackers may be fooled. Bagaman ang mga website na hindi gumagamit ng SEO-optimized na URL ay maaari pa rin structures potensyal na makikita ng mga tao na tumatakbo PHP mula sa link na lokasyon (hal. index.php? Variable = value), ngunit bots at automated script mula sa baguhan attackers ay maaaring fooled.
So it's recommended disable and turn expose_php off. Kaya ito ay inirerekomenda-disable at expose_php turn off. Webmasters can disable expose_php in the php.ini file, usually located in /etc, /usr/lib, /usr/local/lib or /usr/local/lib/php/: Webmasters ay maaaring hindi paganahin ang expose_php sa php.ini file, karaniwang matatagpuan sa / etc, / usr / lib, / usr / local / lib o sa / usr / local / lib / php /:
; Disable expose_php for security reasons ; Disable expose_php para sa seguridad
expose_php = Off expose_php = Off
Tip: Setting expose_php to Off in php.ini does not prevent or stop php_info() function from executing. Tip: expose_php-set sa Sarado sa php.ini ay hindi maiwasan o ihinto php_info () function mula sa Isinasagawa.
IMPORTANT : The page is machine translated and provided "as is" without warranty. MAHALAGA: Ang mga pahina ay makina isinalin at ibinigay "gaya ay" walang warranty. Machine translation may be difficult to understand. Machine translation ay maaaring maging mahirap na maintindihan. Please refer to Mangyaring tingnan ang original English article orihinal na Ingles na artikulo whenever possible. hangga't maaari.
Related Articles Mga Kaugnay na Akda
- Install and Run IIS (Internet Information Services) Server 7 in Vista I-install at Patakbuhin IIS (Internet Information Services) Server 7 sa Vista
- Windows Vista SP2 and Windows Server 2008 SP2 Beta Information Page at KB948465 Windows Vista SP2 at Windows Server 2008 SP2 Beta Impormasyon Page at KB948465
- CTP Version of SQL Server 2008 Service Pack 1 (SP1) Available For Download CTP Bersyon ng SQL Server 2008 Service Pack 1 (SP1) Magagamit Para sa Download
- Apple's Remote Application Enables iPhone and iPod Touch Media Server Control Through iTune 7.7 Beta Version Apple's Remote Application ay nagbibigay-daan sa iPhone at iPod Touch Media Server Control pamamagitan iTune 7.7 Beta Version
- Streamline and Downsize Time Freezing Version of mini KMS Server VM Image for Local KMS Activation Hack Streamline at Downsize Time Nagyeyelong Bersyon ng mini KMS Server VM Image para sa Lokal na KMS Activation tadtarin
- Download Hide Folders to Hide Sensitive Data in Windows System I-download ang Itago ang mga Folder upang Itago Sensitive Data sa Windows System
- cPanel WHM Failed to Receive Status Information From Apache Error cPanel WHM Nabigong Tumanggap Katayuan Impormasyon Mula sa Apache Error
- Download Free Windows Embedded Server Products with Product Key to Develop Dedicated Server I-download ang Libreng Windows Server embed Products sa Product Key sa Paunlarin dedikado Server
- Display USB Devices Detailed Information with USBDeview Ipakita ang USB Devices Detalyadong Impormasyon sa USBDeview
- Information on WGA Validation Tool (KB892130), WGA Notifications (KB905474) and Office Genuine Advantage (OGA) Impormasyon tungkol sa WGA Validation Tool (KB892130), WGA Notifications (KB905474) at Office Genuine Advantage (OGA)
