PHP :: Bug #35209 :: X-Powered-By: PHP/4.4.1 is visible with expose

Bug #35209	X-Powered-By: PHP/4.4.1 is visible with expose_php=off
Submitted:	2005-11-13 23:41 UTC	Modified:	2005-11-14 10:12 UTC
From:	ghost777ghost at hotmail dot com	Assigned:
Status:	Not a bug	Package:	Apache related
PHP Version:	4.4.1	OS:	Trustix 2.2
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	ghost777ghost at hotmail dot com
New email:
PHP Version:		OS:

New Comment:

[2005-11-13 23:41 UTC] ghost777ghost at hotmail dot com

Description:
------------
I have compiled php 4.4.1, with apache 1.3.34 on a trustix secure linux 2.2. I can not get X-Powered-By header,
nor built-in Easter-eggs to disappear. 

expose_php = Off is set in php.ini

(expose_php = 0 behaves the same)


This is the output of a head-request:
........................................
HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2005 22:11:49 GMT
Server: Apache
X-Powered-By: PHP/4.4.1
Connection: close
Content-Type: text/html
........................................


compilation:

./configure --prefix=/usr/local/php --enable-memory-limit --enable-magic-quotes --enable-sockets --with-openssl --enable-force-cgi-redirect --enable-safe-mode --with-apache=/somedir/apache_1.3.34


Easter-egg:
?=PHPE9568F36-D428-11d2-A769-00AA001ACF42

I have php 4.4.0 with apache 1.3.33 on another trustix 2.2, and this setup responds to changes in expose_php, and it 
does not show X-Powered-By.

I will greatly appreciate any productive feedback to disable the exposure of php.


Best wishes from ghost

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-11-14 00:35 UTC] tony2001@php.net

Please check phpinfo() output and the value of expose_php there.

[2005-11-14 09:04 UTC] ghost777ghost at hotmail dot com

phpinfo() shows expose_php On 
in both Local Value and Master Value.

[2005-11-14 09:16 UTC] bjori@php.net

Please check which php.ini file is in use (with phpinfo()) and verify you changed expose_php in that file (restart apache)

[2005-11-14 09:53 UTC] ghost777ghost at hotmail dot com

And problem was solved.

'--prefix=/usr/local/php' sends php.ini to '/usr/local/php/lib'

I did a 'cp php.ini-dist /usr/local/lib/php.ini'

Anyway:
HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2005 08:29:38 GMT
Server: Apache
Connection: close
Content-Type: text/html

I am very sorry for reporting a bogus and using your 
valuable time as support. This was not my intention. Thank 
you for all help, and keep up your great work - we all love php;)

[2005-11-14 10:12 UTC] johannes@php.net

No Bug -> Bogus

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Jun 02 18:01:26 2025 UTC