Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Best PHP.ini settings to improve security [closed]

Tags:

security

php

What core php.ini file settings we need to pay much attention in terms of improving security?

like image 707
nish Avatar asked Jul 30 '13 10:07

nish

People also ask

Where should I store PHP INI?

ini is usually located in /etc/php/8.1/fpm/php.

What is PHP security?

Since PHP is so popular, PHP security is essential and the number of vulnerable PHP applications is large. Most PHP web applications share parts of code or scripts with other web applications. If the shared piece of code is found to be vulnerable, all the applications that are using it are also vulnerable.

1 Answers

You can begin with:

http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html

it has a lot of practices to start dealing with security. This link provides several issues to start with such as:

  1. XSS
  2. SQL injection
  3. File uploads
  4. Including local and remote files
  5. eval()
  6. Cross-site request forgery - CSRF
like image 101
Christos Papoulas Avatar answered Oct 21 '22 17:10

Christos Papoulas
Sign in to Comment

Related questions

Authorization & User info in a Service Layer (.NET application)
Sign data with MD5WithRSA from .Pem/.Pkcs8 keyfile in C#
Isolated Storage misunderstanding
Security of string resources
Restrict HTTP Access to Elastic Beanstalk
JwtSecurityTokenHandler says signature of JWT valid after changing 1 char
What is un-secure about NSUserDefaults, is manual encryption safe?
I found a lot of weird string in my database, someone trying to get into my site?
express-session secure: true
Why json hijacking can be prevented using POST method?
Ok, so I've encrypted my data now where do I hide the key?
Identifying whether a certificate is der encoded or base 64 encoded
How safe is openID?
Symfony2: How to: secure application with _locale
Storing an encrypted cookie with Rails
Django remote user authentication and security
Spring security authentication management vulnerability
Spring security authrorize based on input parameter criteria
What is the difference between urlencode and rawurlencode? [closed]
How to ensure correct file permissions

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!