Disabling Plesk header information

[ihatepasswords]

I am trying to pass a PCI security scan. The scan is failing because the header broadcast wrong information about php version:

Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Last-Modified: Thu, 18 Jun 2009 14:58:11 GMT
Cache-Control: post-check=0, pre-check=0
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=51fd8f7daa546706e34d23cb3a2a1f26; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html

I have no idea why plesk is broadcasting this php version when i can clearly see 5.2.9 installed in plesk admin.

This is very frustrating please help-

 

[Yulia Kostina]

Hi

What you see in Plesk admin is the PHP version shipped with Plesk CP used to serve customer's applications and domains.
But Plesk itself also uses PHP, this version is hard-coded, and it cannot be changed or upgraded.

 

[ihatepasswords]

In this case, is there a way to stop it from broadcasting that info? because it means that i wont be able to pass the PCI test and wont be able o continue developing ecomerce sites in that server just because i installed Plesk.

5.2.6 has know issues. Do you know if paralles supports patching buggy php versions?

 

[manuelc]

Thanks. Is there at least a way to disable the broadcasting of this outdated and buggy version of PHP that my plesk uses?

Thank you again.