securing php.ini?

Discussion in 'Server Operation' started by edge, Sep 24, 2010.

  1. edge

    edge Active Member Moderator

    I'm installing a new server at the moment, and I would like to know what you guys think that is a must to change in the php.ini file(s)
    My PHP version is: 5.2.6-1+lenny9

    I've got 3 php.ini files on my system. I guess that they can all be set to the same settings.
    I'm open for suggestions:)

    Thank you
    Last edited: Sep 24, 2010
  2. damir

    damir New Member

    - Set expose_php to Off
    - Set display_errors to Off and
    - I have disabled following functions on webserver:
    disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, escapeshellarg, escapeshellcmd, proc_open

    There is couple more tweaks but need to login to servers to check it out. Will post it later.

Share This Page