Differences

This shows you the differences between two versions of the page.

php [2007/03/11 17:26]
a
php [2009/01/05 19:17]
a Suhosin Configuration
Line 1: Line 1:
 ====== PHP tips ====== ====== PHP tips ======
 ===== Instalation tips ===== ===== Instalation tips =====
 +
 +
  
  
Line 17: Line 19:
 display_errors = Off \\ display_errors = Off \\
 allow_url_fopen = Off \\ allow_url_fopen = Off \\
 +
 +session.use_trans_sid = 0 \\
 +session.use_only_cookies = 1 \\
  
 #output_buffering = 4096 \\ #output_buffering = 4096 \\
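
Review bot: The two added lines, session.use_trans_sid = 0 and session.use_only_cookies = 1, go in with no explanation of what they protect. Suggest a short note beside them saying that together they keep the session ID out of URLs and accept it only from a cookie, so a reader copying this php.ini knows why they are part of the hardened set.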
Line 35: Line 40:
 FIXME - styling needed FIXME - styling needed
  
-'' +**PHP to secure a setup, a good start is a secure php.ini, for example:** 
-PHP to secure a setup, a good start is a secure php.ini, for example: +   * disable the Fopen Wrapper, allow_url_fopen = Off 
-  disable the Fopen Wrapper, allow_url_fopen = Off +   * use disable_classes and disable_functions like  
-  use disable_classes and disable_functions like  +ini_alter, ini_get_all, ini_get, ini_restore, ini_set, php_get_tmpdir, php_ini_scanned_files, php_logo_guid, php_uname, phpcredits, phpinfo, phpversion, putenv, restore_include_path, set_include_path, set_time_limit, version_compare, zend_logo_guid, zend_version, show_source, system, shell_exec, passthru, exec, proc_open, time_limit, version_compare, zend_logo_guid, zend_version, show_source, system, shell_exec, passthru, exec, proc_open etc. etc.
-  ini_alter, ini_get_all, ini_get, ini_restore, ini_set, php_get_tmpdir, php_ini_scanned_files, php_logo_guid, php_uname, phpcredits, phpinfo, phpversion, putenv, restore_include_path, set_include_path, set_time_limit, version_compare, zend_logo_guid, zend_version, show_source, system, shell_exec, passthru, exec, proc_open, time_limit, version_compare, zend_logo_guid, zend_version, show_source, system, shell_exec, passthru, exec, proc_open etc. etc.+
  
-  - set register_globals = off +   set register_globals = off 
-  set log_errors = on, error_reporting and error_log +   * set log_errors = on, error_reporting and error_log 
-  use open_basedir and include_path +   * use open_basedir and include_path 
-  use safe_mode if possible''+   * use safe_mode if possible
  
 === see also: === === see also: ===
 +   * **[[http://www.hardened-php.net/suhosin/configuration.html|Suhosin Configuration]]**
    * [[http://www.hardened-php.net/|PHP Hardening-Patch]]    * [[http://www.hardened-php.net/|PHP Hardening-Patch]]
    * [[http://phpsec.org/projects/guide/|PHP Security Guide]]    * [[http://phpsec.org/projects/guide/|PHP Security Guide]]
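
Review bot: In the new list, "set register_globals = off" has no "*" marker and the function names following "use disable_classes and disable_functions like" start at column 0, so both drop out of the bullet list when rendered; add the marker and indent the function names under their item. The function list also repeats itself: the run from time_limit through proc_open duplicates entries already listed, and time_limit looks like a cut-off set_time_limit, so deduplicate it in the same edit. The "FIXME - styling needed" line above the list can be removed once the list renders correctly.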
php.txt · Last modified: 2010/02/20 14:43 by greebo
CC Attribution-Share Alike 4.0 International