---------- Forwarded message ----------
From: Chris Kennedy <[EMAIL PROTECTED]>
Subject: PHP Info www search and server info gathering
Date: Fri, 20 Oct 2000 16:31:50 -0500
To: [EMAIL PROTECTED]
I am not sure if this is an issue that is seems bad for
a servers security to most people, but to me it is a
really bad looking problem. The phpinfo() function
available from PHP versions gives out a _LOT_ of server
information, directories things are installed in, versions
etc.
Anyone who is not familiar with this page and the contents
can look below for examples in the search results I did
or do a search themselves and see.
This page is also super easy to find through a
search engine, like the ASP/PHP page error problem reported
in the past. I did a lookup in Google for the following...
phpinfo() PHP Credits Version
I got this sort of output, which these URL's are giving out
more information than I expect the websites owners want,
and probably don't expect the page to be found so easily...
----
Untitled
... PHP 4.0 Credits. ... Apache API Version, 19990320. Hostname:Port,
home.huseman.org:80.
User ... usr/local/apache_1.3.12/htdocs/misc/phpinfo.php. SERVER_ADDR, 24.9.201.167.
...
home.huseman.org/misc/phpinfo.php - 32k - Cached - Similar pages
Untitled
... PHP 4.0 Credits. ... Apache API Version, 19990320. Hostname:Port, alabama.inf.elte
... SCRIPT_FILENAME,
/home/toma/public_html/php/phpinfo.php. SERVER_ADDR, 157.181.162.4. ...
alabama.inf.elte.hu/~toma/php/phpinfo.php - 35k - Cached - Similar pages
Untitled
... PHP 4.0 Credits. ... Apache API Version, 19990320. Hostname:Port, steigman.ne ...
34939.
SCRIPT_FILENAME, /home/ms/public_html/phpinfo.php. SERVER_ADDR, 24.147.237.193. ...
steigman.ne.mediaone.net/~ms/phpinfo.php - 35k - Cached - Similar pages
crawler1.googlebot.com (64.209.181.52) Googlebot/2.1 (+http://.com
... PHP 4.0 Credits. ... Apache API Version, 19990320. Hostname:Port,
biocat.ruc.dk:80. User ... com.
REMOTE_PORT, 40796. SCRIPT_FILENAME, /home/chlor/public_html/phpinfo.php. ...
biocat.ruc.dk/~chlor/phpinfo.php - 35k - Cached - Similar pages
Untitled
... PHP 4.0 Credits. ... Apache API Version, 19990320. Hostname/Port, www.kw.nl:80.
User/Group, ... 46918.
SCRIPT_FILENAME, /home/user/pike/public_html/ScripTz/php/phpinfo.php. ...
www.kw.nl/~pike/ScripTz/php/phpinfo.php - 25k - Cached - Similar pages
----
Thanks,
Chris K
--
Chris Kennedy / [EMAIL PROTECTED]
I-Land Internet Services / Network Operations Center
\|/ ____ \|/
"@'/ .. \`@"
/_| \__/ |_\
\__U_/
-Linux SPARC Kernel Oops
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
