Differences
This shows you the differences between two versions of the page.
php [2007/03/11 17:26] a |
php [2009/05/25 00:35] 127.0.0.1 external edit |
||
---|---|---|---|
Line 3: | Line 3: | ||
- | + | FIXME | |
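Review bot: The FIXME added at line 3 has no description, so a reader cannot tell what is still outstanding on the page. The old revision's marker read "FIXME - styling needed" and is removed further down; if something other than styling is still open, state it after the marker, otherwise drop the marker.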
Line 13: | Line 12: | ||
For a start, put disable_functions = " | For a start, put disable_functions = " | ||
+ | < | ||
+ | expose_php = Off | ||
+ | display_errors = Off | ||
+ | allow_url_fopen = Off | ||
- | expose_php | + | session.use_trans_sid |
- | display_errors | + | session.use_only_cookies |
- | allow_url_fopen = Off \\ | + | |
- | # | + | # |
#per vhost: | #per vhost: | ||
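Review bot: In the new block at line 12, display_errors = Off is added with no logging directive beside it, so anyone copying only this block turns error output off and has nowhere to read it. Add log_errors = On and an error_log path to the same block; the checklist further down the page already asks for both. A short comment above the two session.* lines saying what they are for would also help, since the block otherwise gives no reason for them.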
Line 31: | Line 33: | ||
php_admin_value default_charset " | php_admin_value default_charset " | ||
+ | </ | ||
+ | **PHP to secure a setup, a good start is a secure php.ini, for example:** | ||
+ | * disable the Fopen Wrapper, **allow_url_fopen** = Off | ||
+ | * use disable_classes and disable_functions like: - ini_alter, ini_get_all, | ||
+ | * set **register_globals = off** | ||
+ | * set log_errors = on, error_reporting and error_log | ||
+ | * use **open_basedir** and include_path | ||
+ | * use **safe_mode** if possible | ||
- | FIXME - styling needed | + | < |
- | + | allow_call_time_pass_reference = Off | |
- | '' | + | magic_quotes_gpc = Off |
- | PHP to secure a setup, a good start is a secure php.ini, for example: | + | register_long_arrays = Off |
- | - disable the Fopen Wrapper, | + | register_argc_argv = Off |
- | - use disable_classes and disable_functions | + | allow_url_fopen = Off |
- | ini_alter, ini_get_all, ini_get, ini_restore, ini_set, php_get_tmpdir, | + | expose_php = Off |
+ | disable_functions | ||
+ | </ | ||
- | - set register_globals = off | ||
- | - set log_errors = on, error_reporting and error_log | ||
- | - use open_basedir and include_path | ||
- | - use safe_mode if possible'' | ||
=== see also: === | === see also: === | ||
+ | * **[[http:// | ||
* [[http:// | * [[http:// | ||
* [[http:// | * [[http:// |
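Review bot: The example block added after the checklist does not match the checklist above it. The bullets call for register_globals = off, log_errors = on, open_basedir and include_path, but none of these appear in the block, while allow_url_fopen = Off and expose_php = Off are repeated from the block at line 12. Merge the two ini blocks into one so a later edit cannot leave them disagreeing, and add a line to the example for each bullet so the list and the sample stay in step.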