The expose_php setting is used to set whether information about the server’s PHP version should be shown to the users or not. If expose_php is set as on, an attacker can see the version of the PHP running on the application’s server. If the application runs on a vulnerable version of PHP, he will be able to exploit each and every vulnerability present in the server. Developers usually turn expose_php as on so as to allow APIs to interact with the system without any compatibility issues. Enabling expose_php for API support is a stupid idea because APIs can be used through JSON, XML and many more languages. These languages are best suited for APIs because they don’t have compatibility issues.
Example
The below code is an example of this vulnerability:-
expose_php = on
Impact
Using this vulnerability, an attacker can:-
- manipulate sensitive information
- leak sensitive information
- gain administrator access to the web application
Mitigation / Precaution
Beagle recommends the following fixes:-
- Disable expose_php in php.ini or .htaccess.
expose_php = off
