PHP Tutorials
Php What isPHP INI Tutorials
Php ini What isEach scrap of information that a potential attacker can gather about a Web server increases the chances that he will successfully compromise it. One simple way to obtain key information about server characteristics is via the server signature.
For example, Apache will broadcast the following information within each response header by default:
Disabling expose_php prevents the Web server signature (if enabled) from broadcasting the fact that PHP is installed. Although you need to take other steps to ensure sufficient server protection, obscuring server properties such as this one is nonetheless heartily recommended.
Note : You can disable Apache's broadcast of its server signature by setting ServerSignature to Off in the httpd.conf file.
|
Tweet |
|
|