Easy removal X-Powered-By HTTP headers
By default the HTTP header 'x-powered-by: PleskLin' is added to HTTP responses.
And with PHP, even the version number is included: 'x-powered-by: PHP/7.3.5'
For security it is better to not give such information, as it may expose you are using outdated software with known vulnerabilities.
Currently it is possible to remove these headers, but it requires some manual actions using SSH (https://support.plesk.com/hc/en-us/articles/115000385274)
My suggestion is to create page to be able to manage such header additions for all websites and services.
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
I would like to hide the X-Powered-By header using GUI in nginx. Currently you can unset in Appache using by adding a single line of code "Header unset X-Powered-By"
Klaus Kochan commented
Yeah, I think it's important, too.
Hakan Fragapane commented
Yeah this is nice! I have written an application that scans the webserver you've given for excatly that. Here you can download it: https://www.prodigy-official.de/#tools
Would be great! This is important in many ways.