Security of PHP on Linux

Adding the following directives to your php.ini file will protect your server from the execution of web shells such as b374k, r57 and c99, by disabling the PHP functions they rely on.

; disable_functions takes one comma-separated list; keep it on a single line
disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abort, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpassthru, virtual, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix_getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo, escapeshellarg, escapeshellcmd, ini_alter, popen, pcntl_exec, socket_accept, socket_bind, socket_clear_error, socket_close, socket_connect

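Also don’t forget to turn the following settings on or off (safe_mode and register_globals were removed in PHP 5.4.0, so those two lines apply only to older versions):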

safe_mode = On
register_globals = Off
display_errors = Off
allow_url_fopen = Off
allow_url_include = Off
Enable open_basedir (Note: don’t forget to set it to your webroot path)
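
To check that a php.ini really ends up with the settings above, this Python script audits ini text for a wrapped or duplicated disable_functions list, the Off settings and open_basedir. It is an added example, not part of the original tutorial; the name audit_php_ini, the EXEC_FUNCS subset and the sample ini are constructed for illustration.

```python
import re

# Command-execution functions, all taken from the page's disable_functions list.
EXEC_FUNCS = {"exec", "system", "passthru", "shell_exec", "popen", "proc_open", "pcntl_exec"}
# Directives the page turns Off, with PHP's built-in default when unset.
MUST_BE_OFF = {"display_errors": "1", "allow_url_fopen": "1", "allow_url_include": "0"}
OFF_VALUES = {"off", "0", "false", "no", "none", ""}

# Constructed sample: a list wrapped across two lines, as pasted snippets often are.
SAMPLE_INI = """\
disable_functions = passthru, shell_exec, exec, system, popen,
popen, proc_open, pcntl_exec
display_errors = Off
allow_url_fopen = On
"""

def audit_php_ini(text):
    """Return a list of findings for php.ini content passed as a string."""
    settings, findings = {}, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop ; comments
        if not line or line.startswith("["):
            continue
        if "=" not in line:
            # An unquoted value ends at the end of its line, so a bare list of
            # names here is a wrapped continuation that belongs to no directive.
            if re.fullmatch(r"[\w\s,]+", line):
                findings.append(f"orphan line outside any directive: {line}")
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        settings[key] = value.strip('"')
    disabled = [f.strip() for f in settings.get("disable_functions", "").split(",") if f.strip()]
    for name in sorted(EXEC_FUNCS - set(disabled)):
        findings.append(f"not disabled: {name}")
    for name in sorted({f for f in disabled if disabled.count(f) > 1}):
        findings.append(f"listed twice: {name}")
    for key, default in MUST_BE_OFF.items():
        value = settings.get(key, default)
        if value.lower() not in OFF_VALUES:
            findings.append(f"{key} = {value}, expected Off")
    if not settings.get("open_basedir"):
        findings.append("open_basedir is not set")
    return findings

if __name__ == "__main__":
    for finding in audit_php_ini(SAMPLE_INI):
        print(finding)
```

On the sample, the wrapped second line leaves proc_open and pcntl_exec enabled even though they appear in the file.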

Hope you like this tutorial…
Thanks for reading…
Please do share if you found this tutorial useful…
