Page 1 of 1
how to hid the fact that webpage is written in php
Posted: Fri May 30, 2008 11:59 am
by vidyasingh
Hi,
How to hid the fact that webpage is written in php.
Thanks,
Vidya
Re: how to hid the fact that webpage is written in php
Posted: Fri May 30, 2008 12:51 pm
by Christopher
The easiest is probably to rewrite URL and use a Front Controller. Many PHP frameworks support this. Search for "clean URLs".
Re: how to hid the fact that webpage is written in php
Posted: Fri May 30, 2008 4:24 pm
by califdon
vidyasingh wrote:Hi,
How to hid the fact that webpage is written in php.
Thanks,
Vidya
Whenever I see a question like this, I have to ask, What problem are you trying to solve?
Re: how to hid the fact that webpage is written in php
Posted: Fri May 30, 2008 4:31 pm
by Luke
I'm curious too... what is the point?
Re: how to hid the fact that webpage is written in php
Posted: Fri May 30, 2008 5:08 pm
by Benjamin
I would think it's a security measure to prevent an attacker from even knowing what language the site is in. There are other reasons too, most of which aren't ethical.
Re: how to hid the fact that webpage is written in php
Posted: Fri May 30, 2008 5:31 pm
by joefazee
Hi,
How to hid the fact that webpage is written in php.
Thanks,
Vidya
Apache mod_rewrite is the perfect man for that job, but note: I must understand regular expression before you can work with that module.
Google it. ‘rewriting URL with Apache’
Re: how to hid the fact that webpage is written in php
Posted: Sat May 31, 2008 2:55 am
by panic!
joefazee wrote:Hi,
How to hid the fact that webpage is written in php.
Thanks,
Vidya
Apache mod_rewrite is the perfect man for that job, but note: I must understand regular expression before you can work with that module.
Google it. ‘rewriting URL with Apache’
Code: Select all
RewriteEngine On
RewriteRule (.*).html $1.php
Re: how to hid the fact that webpage is written in php
Posted: Sat May 31, 2008 3:23 am
by SomeoneE1se
if you have access to the apache/php configs you could add .1337 to the list of scripts handled by php so index.1337 would work the same as index.php (if you have you dir list also configured correctly)
just look for
AddHandler x-httpd-php5
and add .1337 to the end
Re: how to hid the fact that webpage is written in php
Posted: Sat May 31, 2008 5:33 am
by VladSun
On sharing hosting you could use the .htaccess file:
Code: Select all
<FilesMatch .exten>
SetHandler php5
</FilesMatch>
Where
php5 is the handler defined in php.ini (if it doesn't work try something like php, php4 etc.)
I've been successfully using it with startlogic.com to use PHP5 for processing *.php files, which otherwise would have been processed by PHP4.
Re: how to hid the fact that webpage is written in php
Posted: Sat May 31, 2008 8:24 am
by Ambush Commander
Also, don't forget to remove the X-Powered-By header. (expose_php = Off)
Re: how to hid the fact that webpage is written in php
Posted: Sat May 31, 2008 9:29 pm
by LSJason
astions wrote:I would think it's a security measure to prevent an attacker from even knowing what language the site is in. There are other reasons too, most of which aren't ethical.
Security through obscurity is not security.
Re: how to hid the fact that webpage is written in php
Posted: Sat May 31, 2008 9:56 pm
by Benjamin
LSJason wrote:Security through obscurity is not security.

I never said it was. I meant that it's possible the OP wanted to hide the source language for that reason. It is however one of many security techniques that can be used, and I don't see anything wrong with adding it as an additional layer of security to an existing system. If my memory serves, it's commonly used by financial institutions.
Re: how to hid the fact that webpage is written in php
Posted: Sat May 31, 2008 10:01 pm
by LSJason
astions wrote:LSJason wrote:Security through obscurity is not security.

I never said it was. I meant that it's possible the OP wanted to hide the source language for that reason. It is however one of many security techniques that can be used, and I don't see anything wrong with adding it as an additional layer of security to an existing system. If my memory serves, it's commonly used by financial institutions.
(Even more off topic) I didn't meant to imply that you thought it was the only method...just pointing it out

Re: how to hid the fact that webpage is written in php
Posted: Sun Jun 01, 2008 12:13 am
by SomeoneE1se
I can think of a very good reason,
he's working for a stubborn client who demands it be created in asp for no other reason then he likes page.asp better then page.php
Re: how to hid the fact that webpage is written in php
Posted: Sun Jun 01, 2008 12:28 am
by Benjamin
Wow that's funny. Using mod_rewrite to parse .asp as .php. He'll be really happy in a few years when the next programmer tells him it's PHP lol.