how to remove x-powered-by in apache/php

How to Remove x-powered-by in Apache/PHP

Sometimes you may need to hide x-powered-by in Apache/PHP server to protect your web server’s identity and prevent malicious attackers from exploiting its security vulnerabilities. In this article, we will look at how to remove x-powered-by in Apache/PHP.


How to Remove x-powered-by in Apache/PHP

There are multiple ways to remove x-powered-by in Apache/PHP. We will look at each of them one by one.

Also read : How to Disable HTTP OPTIONS methods in Apache


Using php.ini

If you have access to php.ini file (PHP configuration) file, typically found at /etc/php.ini or /etc/php5/apache2/php.ini depending on your Linux distribution, then open terminal and run the following command to view php.ini in a text editor.

$ sudo vi /etc/php.ini

Find the following line.

expose_php = on

Change it to the following, to hide x-powered-by header

expose_php = off

Save and close the file.

Restart Apache server to apply changes.

$ sudo service apache2 restart

Also Read : How to Set Default Charset to UTF8 encoding in Apache


Using PHP code

If you don’t have access to php.ini, just add the following to your PHP response, to remove or overwrite the x-powered-by header before sending it to the client.

The following function will remove x-powered-by header

<?php header_remove("X-Powered-By"); ?>

Also Read : How to enable mod_rewrite in XAMPP, WAMP

The following function will replace the x-powered-by header value ‘ABC’. You can change it as per your requirement.

<?php header("X-Powered-By: ABC"); ?>

As you can see it is easy to remove x-powered-by header in Apache/PHP.

Ubiq makes it easy to visualize data in minutes, and monitor in real-time dashboards. Try it Today!