If you’ve ever examined the headers produced by a server running PHP, you may have seen this amongst them:
This little piece of information tells the world that you are running PHP version 5.2.12. Whilst I don’t believe that security through obscurity is a panacea, there’s little point in giving away useful information to potential attackers regarding the versions of software you are running.
If you want to stop this header appearing, find the
expose_php setting in
php.ini and disable it, like so:
expose_php = Off;
If you’re using mod_php, you’ll probably need to restart Apache for this to take effect.