Home>Article>Backend Development> How does PHP obtain the header information of a specified URL and hide and close it?

How does PHP obtain the header information of a specified URL and hide and close it?

autoload
autoload forward
2021-03-24 15:10:34 3459browse

1. How to obtain the header information of the specified URL in PHP

Super simple, just one line of command:

 Array ( [0] => HTTP/1.1 403 Forbidden [1] => Date: Sun, 24 Jan 2021 05:09:48 GMT [2] => Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1i PHP/7.3.26 [3] => Content-Length: 199 [4] => Connection: close [5] => Content-Type: text/html; charset=iso-8859-1 )

2. How to disable display or The method of hiding header information

is divided into two steps. The first step is to changeexpose_php = Onin thePHP.inifile toexpose_php = Off, after restartingApache, take another look at

Array ( [0] => HTTP/1.1 403 Forbidden [1] => Date: Sun, 24 Jan 2021 05:10:50 GMT [2] => Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1i [3] => Content-Length: 199 [4] => Connection: close [5] => Content-Type: text/html; charset=iso-8859-1 )

After restarting, we can see that the information about thePHPversion is no longer displayed , but the information ofApacheand service name is still displayed. We need to be more thorough to ensure safety. We need to add two instructions to Apache's httpd.conf. First, let's confirm whether there are the following two configuration instructions in Apache's httpd.conf file. If not, directly add two lines of data at the bottom of the configuration file.

ServerTokens Prod ServerSignature Off

For the instruction configuration parameters of ServerTokens, please see the instructions below:

ServerTokens Prod 显示“Server: Apache” ServerTokens Major 显示 “Server: Apache/2″ ServerTokens Minor 显示“Server: Apache/2.2″ ServerTokens Min 显示“Server: Apache/2.2.17″ ServerTokens OS 显示 “Server: Apache/2.2.17 (Unix)” ServerTokens Full 显示 “Server: Apache/2.2.17 (Unix) PHP/5.3.5″ (如果未指定任何的值,这个是默认的返回信息)

Instructions for ServerSignature On:

When set to On, when a user requests to access the webpage of our website that does not exist, the server will display an error message. The error message will include the name of the server andApacheat the bottom of the page. Version and other related information are displayed, which will provide some convenience for some unscrupulous people to exploit known version vulnerabilities. So we'd better not display this information, we can set this parameter toOff.

By modifying these two parameter configuration files, the final effect of obtainingheaderis as follows:

Array ( [0] => HTTP/1.1 403 Forbidden [1] => Date: Sun, 24 Jan 2021 04:54:49 GMT [2] => Server: Apache [3] => Content-Length: 258 [4] => Connection: close [5] => Content-Type: text/html; charset=iso-8859-1 )

Recommended: "php video tutorial"《php tutorial

The above is the detailed content of How does PHP obtain the header information of a specified URL and hide and close it?. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:码代码-李雷博客. If there is any infringement, please contact admin@php.cn delete