at the first time , i try to use proxy_hide_header to strip it off , but it doesn't work then I had changed the etc/php.ini , set the expose_php = Off but the X-Powered-By header just still there
my php version is php 5.3.26
and I also note that , the output of php -i shows that expose_php = on This article describes how to enable and disable the expose_php directive in a custom php.ini file. The information in this article only applies to certain types of hosting accounts. To determine whether or not the information below applies to your account, please see this article. This article assumes that you have already set up a custom php.ini file on your web site. If you have not already set up a custom php.ini file, please read this article first. Using the expose_php directiveWhen the expose_php directive is enabled, PHP includes the following line in the HTTP response header when a PHP page is requested (the exact version number may differ depending on your configuration): X-Powered-By: PHP/5.3.27 By default, the expose_php directive is enabled. However, you may not want to broadcast the specific PHP version your site is using. Similarly, some third-party applications require the expose_php directive to be disabled. To disable the expose_php directive, use a text editor to modify your php.ini file as follows: expose_php = off With the expose_php directive disabled, PHP will not send the X-Powered-By header. To re-enable the expose_php directive and send the X-Powered-By header, modify your php.ini file as follows: expose_php = on To verify the current value of the expose_php directive and other directives, you can use the phpinfo() function. For more information, please see this article. More Information
According to phpinfo: Loaded Configuration File:
Can someone confirm this in Ubuntu 14.04? Any idea how to get rid of X-Powered-By? asked Apr 16, 2014 at 10:56
RufinusRufinus 1912 silver badges9 bronze badges It seems there is a bug in the init script. answered Apr 16, 2014 at 12:11
RufinusRufinus 1912 silver badges9 bronze badges Add answered Apr 24, 2017 at 10:19
HumberHumber 4512 gold badges7 silver badges17 bronze badges I had a similar problem with bitnami's wordpress image where The format for configuration that worked for me:
answered Dec 21, 2017 at 15:12
GabLeRouxGabLeRoux 1631 silver badge7 bronze badges Should I turn off expose_php?There are no known risks of disabling expose_php on a web server. Most Third Party services are agnostic to PHP version, and would not need this information exposed in order to function properly.
How to turn off expose_ PHP?Using the expose_php directive
Similarly, some third-party applications require the expose_php directive to be disabled. To verify the current value of the expose_php directive and other directives, you can use the phpinfo() function.
|