 |
|
 |
|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 54 guest(s) and 1 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 Five simply APACHE/PHP/MYSQL rules that can help with security issues !
Top Apache-PHP-*SQL Security Issue:
1) allow_fopen_url = On
This is a default php.ini settings.
Whether to allow the treatment of URLs (like http:// or ftp://) as files.
It permits the remote execution of php script !
If you don't need to fopen/include remote file, set it to OFF.
2) Disable php method like: system();
3) Install mod_security with anti-SQL Injection regex.
mod_security automatically do an euristic check against malicious GET/POST request.
4) Use the php openbase_dir directive.
5) Chroot Apache
This five rules can help a lot !
But they only remain always perimetral defense.
Fix the code is always the better choice.
Good Luck
Francesco Marasco
Chief Technology Officer
Together Team s.r.l.
Via Torino, 34 - Rende (CS) 87036
Italy
|
|
|
|
|
|
| |
|
Average Score: 3
Votes: 3
|
|
|
|
|
|
Associated Topics
| | | | |
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | | |
|
