To hide the PHP version from HTTP responses, edit /etc/php.ini and change:
|
1 |
expose_php = On |
to:
|
1 |
expose_php = Off |
Then restart apache.
Archive | Scripting
PHP Mailer : Swift Mailer
Every time I need a PHP class to handle sending email I turn to Swift Mailer at:
http://swiftmailer.org.
It’s feature rich and easy to use.
Only downside is it doesn’t work for PHP4.
Alternate Install Method For PHP PECL Modules
If the traditional “pecl install APC” style command is not working for some reason, here is the manual procedure:
|
1 2 3 4 5 6 7 |
wget http://pecl.php.net/get/APC-3.0.19.tgz tar -xvzf APC-3.0.19.tgz cd APC-3.0.19 phpize ./configure make make install |
Determine PHP Version
How can I determine what version of PHP is running on my server?
If you have command line access to the server then type:
|
1 |
php -v |
or
|
1 |
php --version |
And you’ll get a result similar to this:
|
1 2 3 4 |
[root@localhost]# php -v PHP 4.3.11 (cli) (built: Jun 7 2005 08:14:45) Copyright (c) 1997-2004 The PHP Group Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies |
Be careful using this approach. It is possible that there is more then one install of PHP on your server and the webserver may be using an install that is not in your command line path.
Use the whereis command to check for multiple installs like this:
|
1 2 |
[root@localhost]# whereis php php: /usr/bin/php /etc/php.d /etc/php.ini /usr/local/bin/php /usr/local/lib/php |
Notice the second install at /usr/local/bin/php. If we check the version of the second install we might get different.
Another way to determine the version is to create a test page on the webserver.
Place the following line in the file:
|
1 |
<?php phpinfo(); ?> |
Call the file “test.php”. Next with a web browser access the file with:
http://www.myserver.com/test.php
You’ll get back an extensive report on the configuration of the PHP install on the server. The PHP version will be shown in the title at the top of the report.
Make sure you remove the test.php file after you are finished with it. The file contains information that could assist hackers so you don’t want to leave it sitting around.
Determine PHP Compile Settings
How can one determine what config settings were used to build PHP? This is a question that comes up when you want to upgrade to a new version of PHP and need to replicate the original settings. Another case is when you are setting of a development server that must be a mirror of your production server.
There are two good ways to proceed:
1. If folder where the source code was built is available then take a look at the file named “config.status”. At the top of this file you’ll find comments looking something like this:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
#! /bin/sh # Generated automatically by configure. # Run this file to recreate the current configuration. # This directory was configured as follows, # on host web.myserver.com: # # <strong>./configure --enable-track-vars --with-apxs2=/usr/local/apache2/bin/apxs --with-imap-ssl=/root/archive/imap-2004a --with-zip --enable-ftp --with-config-fi le-path=/usr/local/apache2/conf --enable-roxen-zts -with-tsrm-pthreads --with-openssl-dir=/root/archive/openssl-0.9.7g --enable-mbstring --with-mysql=/usr/lo cal/mysql/</strong> # # Compiler output produced by configure, useful for debugging # configure, is in ./config.log if it exists. |
The text in bold is the config line with all the options used.
2. The second method requires that you create a file on the server inside the webspace. Place the following line in the file:
|
1 |
<?php phpinfo(); ?> |
Call the file “test.php”. Next with a web browser access the file with:
http://www.myserver.com/test.php
You’ll get back an extensive report on the configuration of the PHP install on the server. In the first section of the report, under the label “Configure Command” you’ll see something like:
|
1 |
'./configure' '--enable-track-vars' '--with-apxs2=/usr/local/apache2/bin/apxs' '--with-imap-ssl=/root/archive/imap-2004a' '--with-zip' '--enable-ftp' '--with-config-file-path=/usr/local/apache2/conf' '--enable-roxen-zts' '-with-tsrm-pthreads' '--with-openssl-dir=/root/archive/openssl-0.9.7g' '--enable-mbstring' '--with-mysql=/usr/local/mysql/' |
Make sure you remove the test.php file after you are finished with it. The file contains information that could assist hackers so you don’t want to leave it sitting around.