Secure / Harden PHP

PHP is great and I love it, but it does have some basic things that can improve it’s security simple modifications to php.ini can really increase the security.  Locate your php.ini (find / -name php.ini) and then modify the following items

 

#Avoids system calls and buffer overflows

disable_functions = exec,system,shell_exec,passthru

# Injection protection
register_globals = Off

# Turns off display of PHP version
expose_php = Off

#Escape incomming quotes to avoid injection
magic_quotes_gpc = On

 

 

These will take huge steps to protecting your system

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.