Solved

How to disable php version .htaccess

Posted on 2010-08-19
9
853 Views
Last Modified: 2013-11-08
Hi,

I cannot change the php.ini on the (plesk) shared hosting server and I would like to disable the PHP Version Check.
Can I do that with the .htaccess?

Or is there a beter solution?

Thanks
0
Comment
Question by:HPvH
9 Comments
 
LVL 9

Expert Comment

by:jeremycrussell
ID: 33480070
You might be able to use these directives to hide that, however, it will hide a lot of other webserver fingerprinting information as well.

ServerTokens Prod
ServerSignature Off
0
 

Expert Comment

by:ruthannbasnillo
ID: 33480098
If you have a directory which users can upload files into it's a good idea for security reasons to disable server-side parsing of scripts such as PHP. This post shows a couple of options using Apache's .htaccess files.

http://www.electrictoolbox.com/disable-php-apache-htaccess/
0
 
LVL 25

Expert Comment

by:madunix
ID: 33480205
you should  turn "Off" the "ServerSignature" parameter in httpd.conf which is "On" by default:
ServerSignature On|Off
0
 

Author Comment

by:HPvH
ID: 33480244
I cant change that, it is a shared hosting website
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 9

Expert Comment

by:jeremycrussell
ID: 33480340
Ok, you can set expose_php in you're php scripts/pages

ini_set('expose_php', 'Off');

You would just have to add to each php script/page...
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33482941
Why do you want to hide that information
0
 

Author Comment

by:HPvH
ID: 33483376
My McAfee security check came with it as a prio 2 for McAfee and a prio 5 for credit card companies.
0
 
LVL 9

Accepted Solution

by:
jeremycrussell earned 250 total points
ID: 33485402
If you're doing this for PCI compliance, you might bug your hosting company to upgrade to latest stable releases on things, or find a new hosting company.. and you might look into dedicated server or vm hosting so you can have more control.

Additionally... the ServerSignatures directive can be place inside a VH, if you have any control over your VH config, you can apply that there.
0
 
LVL 9

Assisted Solution

by:jeremycrussell
jeremycrussell earned 250 total points
ID: 33485413
Dote.. ServerSignatures directive can also be placed in .htacces.. forgot to mention that.
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
The viewer will learn how to count occurrences of each item in an array.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now