Ce castigi prin scoaterea headerului:
* nu oferi potentialilor atacatori informatii despre site-ul tau
* site-ul tau are o linie in minus in headere la fiecare cerere, asadar banda consumata este mai mica (desi nu este semnificativ, exista un mic aport)
In cazul meu, adaugarea unei linii de cod in htaccess pentru a scoate headerul X-Powered-By nu a functionat. Cod:
<IfModule mod_headers.c>
Header unset X-Powered-By
</IfModule>
Asadar, am facut urmatoarele modificari:
1. Am creat un template custom
dir /usr/local/psa/admin/conf/templates/custom/domain -p
cp /usr/local/psa/admin/conf/templates/default/server.php /usr/local/psa/admin/conf/templates/custom/
cp /usr/local/psa/admin/conf/templates/default/domain/nginxDomainVirtualHost.php /usr/local/psa/admin/conf/templates/custom/domain/
2. Am modificat template-ul custom
nano /usr/local/psa/admin/conf/templates/custom/server.php
la linia 70, am sters
<?php if (!$VAR->server->webserver->proxyActive): ?>
<IfModule mod_headers.c>
Header add X-Powered-By PleskLin
</IfModule>
<?php endif ?>
nano /usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php
la linia 163, am sters
add_header X-Powered-By PleskLin;
3. Am refacut configurarile plesk
/usr/local/psa/admin/bin/httpdmng --reconfigure-all
Nota finala: desi in tutorialul de pe Oli's blog sugera restartul serverelor de apache si nginx, la mine a functionat fara restart.
Referinte: Oli's blog (in germana)