Category Archives: php5-fpm

Remove PHP X-Powered-By & Nginx Server Details from HTTP Response Header

To remove Server details from Response Header for e.g. security reasons, like

Server nginx/1.2.4
X-Powered-By PHP/5.3.17-1~dotdeb.0

it´s necessary to edit php.ini & nginx.conf as follows.

To remove X-Powered-By completely, expose_php should be disabled in php.ini.
expose_php = Off


To remove Server Version from Header, server_tokens should be disabled in nginx.conf.
server_tokens off;

See also:,1646

concrete5 nginx configuration

“Concrete cannot parse the PATH_INFO or ORIG_PATH_INFO information provided by your server.”


    location / {
      try_files $uri $uri/ /index.php/$request_uri;

	location ~ \.php($|/) {
		set $script $uri;
		if ($uri ~ "^(.+\.php)(/.+)") {
			set $script $1;
		include /etc/nginx/fastcgi_params;
		fastcgi_pass IP:Port;
		#fastcgi_index index.php;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_param PATH_INFO $fastcgi_script_name;
		fastcgi_param  URI $uri;
		fastcgi_intercept_errors on;