Hide PHP and apache version when inspecting - PHP Versions - PhpOut

StevenG
July 22, 2021
231 views
0 votes
2 Answers

In a website made with WordPress, I’m trying to find out how I hide the version of PHP and Apache2 when I inspect the site.

I think that should be in 000-default.conf?

I tried to use

expose_php = Off

in php.ini, but it doesn’t work

Tags: apache2 php wordpress

Answers

Chosen as BEST ANSWER
- StevenG
- July 23, 2021 at 5:17 pm
- 0 votes
0
To hide the version of apache, you should add in the server configuration file:
```
ServerTokens Prod 
ServerSignature Off
```

(Edit)

- UrielAlves
- July 29, 2021 at 5:01 pm
- 0 votes
0
Apache have /etc/apache2/conf-available/security.conf file for these configurations

You need to edit it and set
ServerTokens from OS to Prod

and
ServerSignature from On to Off

Thats the best way to do that, since this applies to all server configuration

If security conf was not enabled yet, just run ( as super user / root ) on terminal:

a2enconf secutiry; service apache2 restart

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.