Php hide/remove X-Powered-By HTTP header

By On Saturday, April 9th, 2016 Categories : Artikel
Advertisement
Inspecting HTTP traffic at layer 7 on a fresh http/php web server yelds some interesting results: A php header that exposes the php version.
Here is http traffic as seen on the network with tcpdump:

Code:
Server: nginx
Date: Fri, 16 Jan 2015 00:11:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.20
Cache-Control: private, no-cache=”set-cookie”
Expires: 0
Pragma: no-cache
Content-Encoding: gzip

How to configure php from exposing “X-Powered-By” header:. Edit php.ini and change following value:

Code:
expose_php = off
Advertisement (Dibawah ini adalah Iklan)
loading...