Welcome to 小豬圈 (the Little Pigpen)!

2007-10-28

Checklist for Securing PHP Configuration | Ayman Hourieh's Blog

  • allow_url_fopen = Off
  • register_globals = Off
  • open_basedir = /var/www/htdocs/files
  • safe_mode = Off
  • safe_mode_gid = On
  • safe_mode_exec_dir = /var/www/binaries
  • safe_mode_allowed_env_vars = PHP_
  • max_execution_time = 30 ; Max script execution time
  • max_input_time = 60 ; Max time spent parsing input
  • memory_limit = 16M ; Max memory used by one script
  • upload_max_filesize = 2M ; Max upload file size
  • post_max_size = 8M ; Max post size
  • display_errors = Off
  • log_errors = On
  • expose_php = Off

    With expose_php = On, PHP advertises its presence and version in several places, for example by adding an X-Powered-By: PHP/5.2.4 line to the HTTP response headers and by appending itself to Apache's Server header, giving Server: Apache/2.0.59 (Win32) PHP/5.2.4. Setting it Off removes both.

  • <FilesMatch "\.(inc|.*sql|.*~)$">
      Order allow,deny
      Deny from all
    </FilesMatch>
    
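As an added example (not part of the original post or of Ayman Hourieh's checklist), the following Python script reads a php.ini file, reports every setting that deviates from the values listed above, and checks the <FilesMatch> pattern against a few file names. The embedded php.ini is constructed for the demonstration with three deliberate deviations; the function names and the size-parsing helper are my own. Note that safe_mode (with its sub-options) and register_globals were removed in PHP 5.4, so on a current PHP the audit reports them as unset, which is harmless there.

```python
import re

# Checklist values from the list above. Booleans are normalised before comparing;
# the two directory settings are site-specific, so only their presence is checked.
EXPECTED_BOOL = {
    "allow_url_fopen": False,
    "register_globals": False,
    "safe_mode": False,
    "safe_mode_gid": True,
    "display_errors": False,
    "log_errors": True,
    "expose_php": False,
}
MAX_LIMITS = {                       # upper bounds: seconds or bytes
    "max_execution_time": 30,
    "max_input_time": 60,
    "memory_limit": 16 * 1024 ** 2,
    "upload_max_filesize": 2 * 1024 ** 2,
    "post_max_size": 8 * 1024 ** 2,
}
MUST_BE_SET = ("open_basedir", "safe_mode_exec_dir")

# The <FilesMatch> pattern from the checklist; Apache compiles it as PCRE and
# Python's re accepts it unchanged. Apache applies it to the file's basename.
FILES_MATCH = re.compile(r"\.(inc|.*sql|.*~)$")


def parse_php_ini(text):
    """Minimal php.ini reader: ';' starts a comment, [sections] are skipped,
    surrounding quotes are stripped, keys are lower-cased."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # caveat: Windows paths use ';' too
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        settings[key.lower()] = value.strip("\"'")
    return settings


def to_bool(value):
    """PHP ini truthiness: 1/On/True/Yes are on, anything else is off."""
    return value.strip().lower() in ("1", "on", "true", "yes")


def to_bytes(value):
    """PHP shorthand sizes: 16M, 2G, 512K; a bare number is bytes."""
    m = re.fullmatch(r"\s*(\d+)\s*([kmg]?)\s*", value, re.I)
    if not m:
        raise ValueError("unparseable size: %r" % value)
    mult = {"": 1, "k": 1024, "m": 1024 ** 2, "g": 1024 ** 3}
    return int(m.group(1)) * mult[m.group(2).lower()]


def audit(settings):
    """Compare parsed settings with the checklist; returns (key, message) findings."""
    findings = []
    for key, want in EXPECTED_BOOL.items():
        have = settings.get(key)
        if have is None:
            findings.append((key, "not set, the built-in default applies"))
        elif to_bool(have) != want:
            findings.append((key, "is %s, expected %s" % (have, "On" if want else "Off")))
    for key, limit in MAX_LIMITS.items():
        have = settings.get(key)
        if have is None:
            findings.append((key, "not set"))
            continue
        if key in ("max_execution_time", "max_input_time"):
            actual = int(have)
            unlimited = actual <= 0           # 0 (and -1) disable the timer
        else:
            unlimited = have.strip() == "-1"  # -1 means no limit
            actual = None if unlimited else to_bytes(have)
        if unlimited or actual > limit:
            findings.append((key, "is %s, expected at most %s" % (have, limit)))
    for key in MUST_BE_SET:
        if not settings.get(key):
            findings.append((key, "not set, restrict it to the site directory"))
    return findings


def apache_denies(filename):
    """True if the <FilesMatch> rule above would refuse to serve this file."""
    return FILES_MATCH.search(filename) is not None


# Constructed sample php.ini with three deliberate deviations from the checklist.
SAMPLE_INI = """\
[PHP]
allow_url_fopen = On
register_globals = Off
open_basedir = "/var/www/htdocs/files"
safe_mode = Off
safe_mode_gid = On
safe_mode_exec_dir = /var/www/binaries
max_execution_time = 30
max_input_time = 60
memory_limit = 128M
upload_max_filesize = 2M
post_max_size = 8M
display_errors = On ; left over from development
log_errors = On
expose_php = Off
"""

if __name__ == "__main__":
    for key, msg in audit(parse_php_ini(SAMPLE_INI)):
        print("%-20s %s" % (key, msg))
    for name in ("config.inc", "dump.sql", "schema.mysql", "index.php~",
                 "config.inc.php", "config.INC"):
        print("%-16s %s" % (name, "denied" if apache_denies(name) else "served"))
```

Two things the file-name checks make visible: the .*sql alternative also denies names such as schema.mysql, and the pattern is case-sensitive, so config.INC is still served; config.inc.php is served as well, which is the usual reason to give include files a .php extension and keep them outside the document root via open_basedir.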

About Me

Keelung, R.O.C, Taiwan
An unlearned fellow just idling through life…