I have a website made on PHP version 7. My website is vulnerable to server banner grabbing. How can we solve this?
I have tried adding the following directives in Apache configuration file/etc/apache2/httpd.conf
ServerTokens Prod
ServerSignature Off
Asked
Active
Viewed 200 times
-4
-
This question has nothing to do with php or mysql, nor programming or software development in general. There is a security sister site of SO, they are the experts in cyber security matters. – Shadow Feb 03 '23 at 11:17
-
Please read more about website security and then try to aply some options that you find. Then after trying hard to solve this situation, put here the code where you got stuck. – dragon Feb 04 '23 at 09:15
1 Answers
-1
For HTTP communications, server banners are transmitted as HTTP headers. These come as name/value pairs like Server: Apache. PHP is known for adding an X-Powered-By header to each page, containing the PHP version as the value. For removing it, see
f_puras
- 2,521
- 4
- 33
- 38