====== PHP Fingerprint Vulnerability ======

With the knowledge of a web page or application running on PHP it may be easier to exploit or crack.

===== Remedy =====

  * Avoid the use of the ''.php'' filename extension.
  * Hide headers that might betray the presense of PHP on the server with expose_php configuration option.
  * If using [[http://httpd.apache.org/|the Apache web server]] turn off the [[http://httpd.apache.org/docs/mod/core.html#servertokens|ServerTokens]] directive.

===== Additional Information =====

  * See [[security:web_application_security|web application security]] and [[catalog|security vulnerabilities catalog]].