Solved

How to disable php version .htaccess

Posted on 2010-08-19
9
895 Views
Last Modified: 2013-11-08
Hi,

I cannot change the php.ini on the (plesk) shared hosting server and I would like to disable the PHP Version Check.
Can I do that with the .htaccess?

Or is there a beter solution?

Thanks
0
Comment
Question by:HPvH
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 9

Expert Comment

by:jeremycrussell
ID: 33480070
You might be able to use these directives to hide that, however, it will hide a lot of other webserver fingerprinting information as well.

ServerTokens Prod
ServerSignature Off
0
 

Expert Comment

by:ruthannbasnillo
ID: 33480098
If you have a directory which users can upload files into it's a good idea for security reasons to disable server-side parsing of scripts such as PHP. This post shows a couple of options using Apache's .htaccess files.

http://www.electrictoolbox.com/disable-php-apache-htaccess/
0
 
LVL 25

Expert Comment

by:madunix
ID: 33480205
you should  turn "Off" the "ServerSignature" parameter in httpd.conf which is "On" by default:
ServerSignature On|Off
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 

Author Comment

by:HPvH
ID: 33480244
I cant change that, it is a shared hosting website
0
 
LVL 9

Expert Comment

by:jeremycrussell
ID: 33480340
Ok, you can set expose_php in you're php scripts/pages

ini_set('expose_php', 'Off');

You would just have to add to each php script/page...
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33482941
Why do you want to hide that information
0
 

Author Comment

by:HPvH
ID: 33483376
My McAfee security check came with it as a prio 2 for McAfee and a prio 5 for credit card companies.
0
 
LVL 9

Accepted Solution

by:
jeremycrussell earned 250 total points
ID: 33485402
If you're doing this for PCI compliance, you might bug your hosting company to upgrade to latest stable releases on things, or find a new hosting company.. and you might look into dedicated server or vm hosting so you can have more control.

Additionally... the ServerSignatures directive can be place inside a VH, if you have any control over your VH config, you can apply that there.
0
 
LVL 9

Assisted Solution

by:jeremycrussell
jeremycrussell earned 250 total points
ID: 33485413
Dote.. ServerSignatures directive can also be placed in .htacces.. forgot to mention that.
0

Featured Post

Learn by Doing. Anytime. Anywhere.

Do you like to learn by doing?
Our labs and exercises give you the chance to do just that: Learn by performing actions on real environments.

Hands-on, scenario-based labs give you experience on real environments provided by us so you don't have to worry about breaking anything.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question