Ao configurar o php é necessário ter em atenção alguns aspectos de segurança.

; php.ini
allow_url_fopen = Off ; Disable URLs for file handling functions

register_globals = Off ; Make sure this hellish fiend is dead

open_basedir = /var/www/htdocs/files ; Restrict file handling functions to a subdirectory

safe_mode = Off ; Disable this, the next is often more practical
safe_mode_gid = On ; Enable safe mode with group check
safe_mode_exec_dir = /var/www/binaries ; Restrict execution functions to this directory
safe_mode_allowed_env_vars = PHP_ ; Restrict access to environment variables

max_execution_time = 30 ; Max script execution time
max_input_time = 60 ; Max time spent parsing inputs
memory_limit = 16M ; Max memory size used by one script
upload_max_filesize = 2M ; Max upload file size
post_max_size = 8M ; Max post size

display_errors = Off ; Do not show errors on screen

log_errors = On ; Log errors to log file

expose_php = Off ; Hide presence of PHP

# Apache configuration or .htaccess

Order allow,deny
Deny from all

Tags: apache, lamp, PHP, segurança

This entry was posted on 05/03/2010 at 10:00. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Posted in PHP segurança by Filipe Teixeira Nunes No Comments Yet