1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Disabling Plesk header information

Discussion in 'Plesk for Windows - 8.x and Older' started by ihatepasswords, Jun 18, 2009.

  1. ihatepasswords

    ihatepasswords Guest

    0
     
    I am trying to pass a PCI security scan. The scan is failing because the header broadcast wrong information about php version:

    Server: Microsoft-IIS/6.0
    X-Powered-By: ASP.NET
    X-Powered-By: PHP/5.2.6
    Last-Modified: Thu, 18 Jun 2009 14:58:11 GMT
    Cache-Control: post-check=0, pre-check=0
    P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
    Set-Cookie: PLESKSESSID=51fd8f7daa546706e34d23cb3a2a1f26; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-type: text/html

    I have no idea why plesk is broadcasting this php version when i can clearly see 5.2.9 installed in plesk admin.

    This is very frustrating please help-
     
  2. Yulia Kostina

    Yulia Kostina Guest

    0
     
    Hi

    What you see in Plesk admin is the PHP version shipped with Plesk CP used to serve customer's applications and domains.
    But Plesk itself also uses PHP, this version is hard-coded, and it cannot be changed or upgraded.
     
  3. ihatepasswords

    ihatepasswords Guest

    0
     
    In this case, is there a way to stop it from broadcasting that info? because it means that i wont be able to pass the PCI test and wont be able o continue developing ecomerce sites in that server just because i installed Plesk.

    5.2.6 has know issues. Do you know if paralles supports patching buggy php versions?
     
  4. manuelc

    manuelc Guest

    0
     
    Thanks. Is there at least a way to disable the broadcasting of this outdated and buggy version of PHP that my plesk uses?

    Thank you again.
     
Loading...