Information Medium Vega has detected the signature of a PHP error page. Automatically generated error pages can leak sensitive information. The information leaked can include software patchlevels, configuration settings, and database or filesystem structure. The PHP manual recommends disabling "display_errors" on servers exposed to the Internet. For PHP 5.2.4 and greater, the "display_errors" setting in the "php.ini" configuration file should be set to "stderr" (error output stream), rather than "stdout" (output stream sent to clients). For earlier versions, "display_errors" is a boolean type, and can be set to "False" for disabling. The setting can also be disabled at runtime using ini_set() from within a PHP script. Turning off display-errors (php Manual) Vega has detected signatures in scanned content that match common PHP error pages. These pages are automatically generated when an error occurs and can leak information useful in more sophisticated attacks. It is recommended that error output not be sent to the client on production systems.