Revision history for SecurePHP


Revision [842]

Last edited on 2017-02-10 20:49:00 by WojciechLisiewicz
Additions:
see http://wdb.fh-sm.de/ProgrammierenMitPHP

Deletions:
- do not use "register globals"
- /etc/php.ini > register_globals = OFF
- if you use "register_globals", then initialize every variable!
- do not trust incoming data
- you shouldn't use "include($_GET['seite']);"
- use safe settings in your APACHE / PHP configuration
- [[http://www.php.net/manual/de/features.safe-mode.php SafeMode]] in php.ini
- OpenBasedir in httpd.conf
-


Additions:
- use safe settings in your APACHE / PHP configuration
- [[http://www.php.net/manual/de/features.safe-mode.php SafeMode]] in php.ini
- OpenBasedir in httpd.conf

Deletions:
- use "open_basedir" and other safe settings in your APACHE / PHP configuration
- [[http://www.php.net/manual/de/features.safe-mode.php SafeMode]] in php.ini and httpd.conf


Additions:
- [[http://www.php.net/manual/de/features.safe-mode.php SafeMode]] in php.ini and httpd.conf

Deletions:
- WebserverSafeSettings in php.ini and httpd.conf


Additions:
- WebserverSafeSettings in php.ini and httpd.conf

Deletions:
- SafeSettings in php.ini and httpd.conf


Additions:
- use "open_basedir" and other safe settings in your APACHE / PHP configuration
- SafeSettings in php.ini and httpd.conf

Deletions:
- use "open_basedir" in your APACHE / PHP configuration
- UseOpenBasedir


Additions:
- use "open_basedir" in your APACHE / PHP configuration
- UseOpenBasedir
-


Additions:
- if you use "register_globals", then initialize every variable!


Additions:
- /etc/php.ini > register_globals = OFF

Deletions:
- /etc/php.ini >> register_globals = OFF


Revision [261]

The oldest known version of this page was created on 2007-06-13 07:06:15 by WojciechLisiewicz
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki