User Tools

Site Tools

Trace: nginx_security_fpm
nginx_security_fpm

Hiding php-fpm version

If you run a curl on your website similar to the curl below, does it return php versions?
This is NOT secure. We will now make a simple change to the php-fpm php.ini file to hide this

Example curl:

curl -LIsX GET lukeslinux.co.uk | grep php
To hide the php value, find the following value and turn it off: 
expose_php = On
Restart php-fpm and you are done. Test again by rerunning the curl command.

nginx_security_fpm.txt · Last modified: 2024/05/23 07:26 by 127.0.0.1
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki