Jump to content

How to send this array of header information ?


Dareros

Recommended Posts

Hi;

 

I have an array of header information that i want to send before doing an echo to the page. Something like :

// Send the header information in the array below, then
echo $html;
die();

The information in the array is for example :

HTTP/1.1 200 OK
Date: Sat, 09 Aug 2014 00:01:36 GMT
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.4.9-4ubuntu2
X-Logged-In: False
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: public, must-revalidate, proxy-revalidate
Expires: Sat, 09 Aug 2014 02:01:36 GMT
Connection: keep-alive, close
Pragma: public
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

Thank you.

Did you try just using a foreach and outputting the header?

$headers = array(
  'HTTP/1.1 200 OK',
  'Date: Sat, 09 Aug 2014 00:01:36 GMT',
  'Server: Apache/2.2.22 (Ubuntu)',
  //...the rest
);
foreach($headers as $header)
{
  header($header);
}
exit($html);

Why on earth do you tell your users the exact version of the webserver and PHP? What are they supposed to do with this information?

 

Actually, it does help some people: Attackers can now skip the step of fingerprinting your software, because you've already told them everything they need to know. How kind of you.

Why on earth do you tell your users the exact version of the webserver and PHP? What are they supposed to do with this information?

 

Actually, it does help some people: Attackers can now skip the step of fingerprinting your software, because you've already told them everything they need to know. How kind of you.

Do you mean those lines :

Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.4.9-4ubuntu2

If so, can i remove them without causing any user experience issue ? because i wouldn't like to change header to not make any thing wrong. I know my skills aren't top too mush.

Yes, I mean those two lines. They are not only completely irrelevant for the client, they actually help attackers by giving away internal information about your webserver.

 

Which version of Apache and PHP you're running is none of your users' business.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.