See HTTP headers on the command line !

You can view HTTP headers on the command line simply by firing up a terminal session and using wget:

#wget -S -O /dev/null

The majuscule “S” gets you the headers and the “-O /dev/null” dumps the file you’re about to retrieve in the bit bucket (rather than into your home directory or where ever). The output you get looks something like this:

[nasser@Zapata /tmp]$ wget -S -O /dev/null                     
Resolving,,, ...
Connecting to||:80... connected.
HTTP request sent, awaiting response... 
  HTTP/1.1 200 OK
  Server: nginx
  Date: Thu, 11 Jun 2009 09:14:44 GMT
  Content-Type: text/html; charset=UTF-8
  Connection: close
  Vary: Cookie
  X-hacker: If you're reading this, you should visit and apply to join the fun, mention this header.
Length: unspecified [text/html]
Saving to: `/dev/null'

    [                                                                                                                  ] 64,529      45.2K/s   in 1.4s   

13:44:41 (45.2 KB/s) - `/dev/null' saved [64529]

Hide PHP version (X-Powered-By) Header

In your php.ini (based on your Linux distribution this can be found in various places, like /etc/php.ini, /etc/php5/apache2/php.ini, etc.) locate the line containing “expose_php On” and set it to Off:

expose_php = Off

After making this change PHP will no longer add it’s signature to the web server header. Doing this, will not make your server more secure… it will just prevent remote hosts to easily see that you have PHP installed on the system and what version you are running.