Not expose PHP version
We recommend in the php.ini to deactivate the PHP version disclosure in the HTTP header. This is performed via the specification:
expose_php = Off
As of JobRouter 4.2 this is the default setting for new installations.
Exclusive use with TLS encryption
If JobRouter is only accessible via HTTPS, please activate the following setting in the php.ini:
session.cookie_secure = On
This prevents the sending of the session cookie via an unencrypted connection.
