> > I don't think it would reduce the number of attacks turning the > > version information off. But it would be more cumbersome to help > > people with php issues as the php version is not directly available. > > Right, that was my point too.
yes, but in the end it is more a problem of user-perception. "hej, if security-experts say it is more secure, then ofcourse i will turn it off - after all i don't care for netcraft-stats" (and don't know about it either). finally, if people turn it off because of security-reasons, one should consider a compromise between "security" and "statistics" ... or not? best regards -Wolfgang -- PHP-Centralpoint Dynamic Web Pages: http://www.dynamicwebpages.de/ German PHP-Certification: http://www.phpzertifizierung.de/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
