Jan Bludau
Basic Pleskian
- Server operating system version
- Debian 12
- Plesk version and microupdate number
- 18.0.58
Domain PHP Configuration: Add the following lines for security reasons:
Why didn’t Plesk decide to make these lines available as options in Plesk? In my opinion, it’s irrelevant which version I use when it comes to port scanning or Showdan.io. Especially with Showdan.io, you can filter vulnerable computers in seconds, for example, find problematic web servers or PHP versions.
I suggest providing options in the GUI for ON / OFF, although someone at Plesk should first explain to me why these version numbers of web servers like Nginx / Apache and PHP should be made public at all. Here are my suggestions for GUI options:
Code:
exposephp = off
servertokens off
Why didn’t Plesk decide to make these lines available as options in Plesk? In my opinion, it’s irrelevant which version I use when it comes to port scanning or Showdan.io. Especially with Showdan.io, you can filter vulnerable computers in seconds, for example, find problematic web servers or PHP versions.
I suggest providing options in the GUI for ON / OFF, although someone at Plesk should first explain to me why these version numbers of web servers like Nginx / Apache and PHP should be made public at all. Here are my suggestions for GUI options:
- “Display PHP version publicly” = On / Off (default: exposephp = off)
- “Display web server version” = On / Off (default: servertokens off)