ScotlandPHP 2019


Please answer this simple SPAM challenge: max(zero, one)?
(Example: nine)

The Note You're Voting On

marpetr at NOSPAM dot gmail dot com
12 years ago
I think the best way to hide PHP on Apache and Apache itself is this:

# ...
# Minimize 'Server' header information
ServerTokens Prod
# Disable server signature on server generated pages
ServerSignature Off
# ...
# Set default file type to PHP
DefaultType application/x-httpd-php
# ...

; ...
expose_php = Off
; ...

Now the URLs will look like this:

Now hacker knows only that you are using Apache.

<< Back to user notes page

To Top