Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to disable php version .htaccess

Posted on 2010-08-19
9
Medium Priority
?
914 Views
Last Modified: 2013-11-08
Hi,

I cannot change the php.ini on the (plesk) shared hosting server and I would like to disable the PHP Version Check.
Can I do that with the .htaccess?

Or is there a beter solution?

Thanks
0
Comment
Question by:HPvH
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 9

Expert Comment

by:jeremycrussell
ID: 33480070
You might be able to use these directives to hide that, however, it will hide a lot of other webserver fingerprinting information as well.

ServerTokens Prod
ServerSignature Off
0
 

Expert Comment

by:ruthannbasnillo
ID: 33480098
If you have a directory which users can upload files into it's a good idea for security reasons to disable server-side parsing of scripts such as PHP. This post shows a couple of options using Apache's .htaccess files.

http://www.electrictoolbox.com/disable-php-apache-htaccess/
0
 
LVL 25

Expert Comment

by:madunix
ID: 33480205
you should  turn "Off" the "ServerSignature" parameter in httpd.conf which is "On" by default:
ServerSignature On|Off
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:HPvH
ID: 33480244
I cant change that, it is a shared hosting website
0
 
LVL 9

Expert Comment

by:jeremycrussell
ID: 33480340
Ok, you can set expose_php in you're php scripts/pages

ini_set('expose_php', 'Off');

You would just have to add to each php script/page...
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33482941
Why do you want to hide that information
0
 

Author Comment

by:HPvH
ID: 33483376
My McAfee security check came with it as a prio 2 for McAfee and a prio 5 for credit card companies.
0
 
LVL 9

Accepted Solution

by:
jeremycrussell earned 1000 total points
ID: 33485402
If you're doing this for PCI compliance, you might bug your hosting company to upgrade to latest stable releases on things, or find a new hosting company.. and you might look into dedicated server or vm hosting so you can have more control.

Additionally... the ServerSignatures directive can be place inside a VH, if you have any control over your VH config, you can apply that there.
0
 
LVL 9

Assisted Solution

by:jeremycrussell
jeremycrussell earned 1000 total points
ID: 33485413
Dote.. ServerSignatures directive can also be placed in .htacces.. forgot to mention that.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to create an extensible mechanism for linked drop downs.
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question