Is it possible to comment out the code and not display the x-powered by info?


I was recently browsing other websites using browser spy and noticed it displays x-powered-by Easyengine 3.7.2 or PHP/7.0.9,PleskLin etc… Can this info be commented out so it doesn’t show up in spy utilities ? I’m worried about header injection hacks.

Thanks advanced!


Yes, it is.

But it will be back every time you upgrade EE.


That’s what I figured. Thanks for the reassurance.


comment this line out in nginx.conf use:

sed -i ‘s/add_header X-Powered-By “EasyEngine 3.7.3”/# add_header X-Powered-By “EasyEngine 3.7.3”/g’ /etc/nginx/nginx.conf

after a update - (to comment the header out). But I don’t do it, I am *proud *to use easyengine :stuck_out_tongue:


Not a matter of pride, but security by obscurity instead.


It’s definitely not a pride thing. I guess I should have addressed it differently, my apologies who ever I may have infringed upon. My intention was expressed for security purposes not exploitation. I think EE and the RT Camp/community are awesome !! Glad to be part of it…