David Pashley's questions -server

David Pashley

Asked: 2009-06-07 01:26:24 +0800 CST

Securing PHP webservers

PHP applications have a reputation for higher than average security problems. What configuration techniques do you use for making sure the application is secure as possible?

I'm looking for ideas like:

Using Hardened PHP/Suhosin
Using mod_security
Disabling register_globals and allow_url_fopen in php.ini

I normally use Linux, but feel free to suggest Windows solutions too.

Securing PHP webservers

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?