I recently found out about the so-called "easter egg URLs" in PHP:
These are the four QUERY strings you can add to the end of a PHP web page to view a (somewhat) hidden image or web page:
?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
This one is the most interesting, and displays an "easter egg" image of either a rabbit in a house (Sterling Hughes' rabbit, named Carmella), a brown dog in the grass, a black Scottish Terrier dog, a sloppy child hand-drawn, crayon-colored php logo, a guy with breadsticks (looks like pencils or french fries) sticking out of his mouth like a walrus, or a PHP elephant logo.
Others include:
?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
(PHP Logo)?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
(Zend logo)?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
(PHP Credits)I was shocked to discover that this does work on a lot of websites, including my own. I think this is idiotic and want to disable it, but from what I hear the only way to do it is in php.ini with expose_php = Off
, and it can't be set at runtime with ini_set()
.
I don't have direct access to php.ini on the live server. I have, however, figured out how to unset the X-Powered-By
header by using Header unset X-Powered-By
in .htaccess
, or header('X-Powered-By: ')
in the PHP code.
Is there any other way I can disable these "easter eggs", or do I have to get this setting changed in the main php.ini
(and is that indeed the correct/only way to disable these URLs)?
in php.ini
; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header). It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
; http://php.net/expose-php
expose_php = Off
This will effectively remove the easter eggs
A quick HTACCESS global rewrite could regex the exact string right out of every URL thus getting rid of the only fun part of PHP without touching the ini file nor needing a function at the beginning of every file.
Haven't tested this yet, but this should work:
RewriteEngine On
RewriteCond %{QUERY_STRING} \PHPE9568F36-D428-11d2-A769-00AA001ACF42\ [NC]
RewriteRule .* - [F]
Of course, just copy the last 2 lines for each of the other possible queries, or write a more generic regex. I'm not good with regex. :)
This version covers all of the easter egg fun and was found here:
RewriteEngine On
RewriteCond %{QUERY_STRING} \=PHP[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12} [NC]
RewriteRule .* - [F]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With