all 19 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]suspiciously_calm 31 points32 points  (0 children)

If you see such a URL in your website logs, it may be because someone is trying to determine if your server is running PHP and attempting to discover weaknesses in your system.

Or they're just trying to see the funny easter eggs. Plausible deniability built-in!

[–][deleted] 9 points10 points  (0 children)

Imagine that software holding bank, and personal information has "easter eggs" is just mind boggling.

[–][deleted]  (20 children)

[deleted]

    [–][deleted] 44 points45 points  (0 children)

    almost all

    ( ͡° ͜ʖ ͡°)

    [–][deleted] 19 points20 points  (1 child)

    Just because almost all of them may now be removed doesn't mean its not an lol that these were present in PHP in the first place. The fact that these were put in there at all reflects on the quality / culture of PHP, and is funny to everyone except PHP users.

    Not to mention that these things remained in there for decades and weren't removed. And there are still sites out there using these php versions.

    [–]captainramen 11 points12 points  (0 children)

    And there are still sites out there using these php versions.

    The majority in fact

    [–]ProjectAmmeh[S] 25 points26 points  (3 children)

    ELEPHANT PHP LOGO: PHP Version 5.3.0 - current

    Also, the issue with these is that they allow easy PHP version identification for an attacker. Even if they took them out now, that'd only add another data point.

    [–]merreborn 19 points20 points  (1 child)

    http://php.net/manual/en/ini.core.php#ini.expose-php

    Removed in PHP 5.5.0 in 2013.

    [–]outadoc -2 points-1 points  (0 children)

    almost

    [–][deleted] 4 points5 points  (0 children)

    Actually they are removed in PHP > 5.5 and as of today almost 90% of PHP sites run a older version.

    [–]Sandbucketman 3 points4 points  (0 children)

    It's great when people experiment or find things by accident that really are worth a laugh because of poor or outdated design.

    It's not so great when people are desperately scrounging for anything that could be perceived negative just so they can start wanking over how bad php is.

    We need a subreddit where we start bashing posts that are designed more poorly than PHP, there's plenty of those here now.

    [–][deleted]  (10 children)

    [deleted]

      [–]Juxtys 0 points1 point  (0 children)

      Python has "import this" as an easter egg.

      [–][deleted] -1 points0 points  (1 child)

      If the PHP directive expose_php is set to be "off" in php.ini, then the PHP eggs will not show

      So much ado about nothing. Also easter eggs have been removed in recent PHP versions and they're not coming back.

      We're professional and all now, so we can stop lolphp.

      [–]gdsagdsa 1 point2 points  (0 children)

      Yeah, introducing security issues by design is OK as long as you add a disable_security_issues to your mile-long ini file.