A phpinfo() file left accessible on a live server dumps your complete server configuration — PHP version, loaded modules, file paths, and sometimes environment variables — handing an attacker a detailed map of exactly what software versions to look up known exploits for.
phpinfo() reveals your PHP version, server configuration, installed modules, environment variables, and file paths — a detailed map for attackers.
No phpinfo() output is accessible at any common path on your live site.
Fix it, then re-scan — the check confirms itself. No manual checkbox, the scan is the truth.
Run this check in H.I.V.E. →