Is it possible to comment out the code and not display the x-powered by info?


#1

I was recently browsing other websites using browser spy and noticed it displays x-powered-by Easyengine 3.7.2 or PHP/7.0.9,PleskLin etc… Can this info be commented out so it doesn’t show up in spy utilities ? I’m worried about header injection hacks.

Thanks advanced!


#2

Yes, it is.

But it will be back every time you upgrade EE.


#3

That’s what I figured. Thanks for the reassurance.


#4

comment this line out in nginx.conf use:

sed -i ‘s/add_header X-Powered-By “EasyEngine 3.7.3”/# add_header X-Powered-By “EasyEngine 3.7.3”/g’ /etc/nginx/nginx.conf

after a update - (to comment the header out). But I don’t do it, I am *proud *to use easyengine :stuck_out_tongue:


#5

Not a matter of pride, but security by obscurity instead.


#6

It’s definitely not a pride thing. I guess I should have addressed it differently, my apologies who ever I may have infringed upon. My intention was expressed for security purposes not exploitation. I think EE and the RT Camp/community are awesome !! Glad to be part of it…


#7