Some applications will set erroneous headers that have little to no value to the client. In some cases the header may even pose a security risk by exposing environment/version information. In the case of PHP, we can unset the X-Powered-By header by adjusting the expose_php flag.
Apache has a directive for removing the header information before completing the client request. We will need the mod_headers module enabled to use this directive:
sudo a2enmod headers
sudo service apache2 restart
In our respective configuration file (.htaccess, VirtualHost, Directory):
Header unset X-Powered-By
We can unset multiple headers on a single line if necessary. More information about configuring response headers is available in the Apache documentation.