Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Prevent Wappalyzer from identifying PHP framework

Tags:

php

opencart

I am running an OpenCart application and noticed that Wappalyzer is able to identify the PHP framework used.

I checked the headers as well using HTTPLiveHeaders but it doesn't seem to show OpenCart anywhere. Also checked the cookies sent from my application with no success.

Does anyone know how to successfully prevent Wappalyzer from identifying the server side stack being used?

like image 476
maximus 69 Avatar asked Aug 07 '14 11:08

maximus 69


People also ask

How do I hide my website on Wappalyzer?

Activate Hide My WP > Tweaks After you activate the main security features from Hide My WP Tweaks, save the settings and run a Website Security Check from Hide My WP > Security Check.

How do I hide laravel from Wappalyzer?

So, to hide Laravel from this plugin, you need to edit the Session Cookie Name in /app/config/session. php. Change it from laravel_session to your desire name e.g: yourapp_session. Hope this helps.

How do I use Wappalyzer?

Usage: To use Wappalyzer is very simple and easy, just search any website you want and simply hover over the Wappalyzer extension icon, click on it, and voila, you have the information you need.


Video Answer


1 Answers

This is easy to solve, if you know the details Wappalyzer looks for. ;)

According to the Wappalyzer Source Code on Github the identification of OpenCart is currently based on the following two things:

  • the route - ?:index\\.php\\?route=[a-z]+/
  • "Powered By" - Powered By <a href=\"[^>]+OpenCart

So the answer is:

You can hide Opencart by altering your routing and removing the powered by message.

Keep in mind that this is a totally moving target. They change the detections, you have to follow... spiral ahead. From my point of view, it doesn't make sense to hide the tech.

like image 99
Jens A. Koch Avatar answered Nov 11 '22 16:11

Jens A. Koch