问题
I am running an OpenCart application and noticed that Wappalyzer is able to identify the PHP framework used.
I checked the headers as well using HTTPLiveHeaders but it doesn't seem to show OpenCart anywhere. Also checked the cookies sent from my application with no success.
Does anyone know how to successfully prevent Wappalyzer from identifying the server side stack being used?
回答1:
This is easy to solve, if you know the details Wappalyzer looks for. ;)
According to the Wappalyzer Source Code on Github the identification of OpenCart is currently based on the following two things:
- the route -
?:index\\.php\\?route=[a-z]+/ - "Powered By" -
Powered By <a href=\"[^>]+OpenCart
So the answer is:
You can hide Opencart by altering your routing and removing the powered by message.
Keep in mind that this is a totally moving target. They change the detections, you have to follow... spiral ahead. From my point of view, it doesn't make sense to hide the tech.
来源:https://stackoverflow.com/questions/25181607/prevent-wappalyzer-from-identifying-php-framework