Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
php [2006/08/17 14:08] a zend local mirrors |
php [2007/03/11 17:26] a |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== PHP tips ====== | ====== PHP tips ====== | ||
===== Instalation tips ===== | ===== Instalation tips ===== | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
===== Securing PHP code ===== | ===== Securing PHP code ===== | ||
Line 16: | Line 23: | ||
php_admin_flag safe_mode On | php_admin_flag safe_mode On | ||
php_admin_value open_basedir "/ | php_admin_value open_basedir "/ | ||
+ | php_admin_value sendmail_from webmaster@example.com | ||
+ | |||
+ | |||
+ | php_admin_flag display_errors On | ||
+ | php_admin_value safe_mode_include_dir "/ | ||
+ | # | ||
+ | php_admin_value default_charset " | ||
+ | |||
+ | |||
+ | |||
+ | FIXME - styling needed | ||
+ | |||
+ | '' | ||
+ | PHP to secure a setup, a good start is a secure php.ini, for example: | ||
+ | - disable the Fopen Wrapper, allow_url_fopen = Off | ||
+ | - use disable_classes and disable_functions like | ||
+ | ini_alter, ini_get_all, | ||
+ | - set register_globals = off | ||
+ | - set log_errors = on, error_reporting and error_log | ||
+ | - use open_basedir and include_path | ||
+ | - use safe_mode if possible'' | ||
=== see also: === | === see also: === | ||
* [[http:// | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||