Several PHP functions and settings should be properly configured in order to protect your server from harm. Of course, overall protection of your system can be rather complex and require a number of specific tools, but in this tutorial we will examine how to start with some basics that don't require additional spending. So, let's see how to perform some initial configuration to increase the security of your PHP application hosted with CirrusGrid Cloud.
The main PHP configuration file, named php.ini, contains a number of default settings, which you can customize, and you can add your own depending on the needs of your application. It is located in the etc directory of your Apache or NGINX-PHP application server. This file is fully editable for you as a CirrusGrid customer, so let's consider which settings you can apply in order to ensure your server's security.
Note that the values described below are just recommendations. Before applying them, please make sure they are compatible with your application's requirements, so that its performance is not decreased.
Press the Config button for your Apache or NGINX server. In the tab that opens, navigate to the etc directory and open the php.ini file.
Follow the instructions below to apply the necessary configurations:
1. Add the following line in order to disable the insecure functions:
disable_functions = phpinfo, system, mail, exec
Additional security can be obtained by disabling the following functions:
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
2. Limit the amount of allowed resources, if this is acceptable for your application:
3. The following list of functions can be restricted if they aren't necessary for your application:
4. In order to get more information about the security state, enable the following functions:
5. Switch on available safe modes:
Note: While specifying the above-mentioned settings, you should consider the requirements of your application; in some cases they can be unavailable.
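PHP keeps only the last uncommented occurrence of a directive in php.ini, so pasting both disable_functions lines from step 1 leaves phpinfo and mail enabled. The shell check below is an added example, not part of the original tutorial or of CirrusGrid's tooling: it reports which of the functions named in step 1 are missing from the effective value. The function names and the sample php.ini are constructed for illustration, and it assumes a plain php.ini without per-host or per-path sections.

```shell
#!/bin/sh
# Added example: audit the effective disable_functions value in a php.ini file.

# Functions named in step 1 of this tutorial (both lists merged).
RECOMMENDED="phpinfo system mail exec passthru shell_exec proc_open popen curl_exec curl_multi_exec parse_ini_file show_source"

# Print the effective disable_functions value. PHP keeps only the LAST
# uncommented occurrence of a directive, so earlier lines are overridden.
effective_disabled() {
    awk '
        /^[ \t]*;/ { next }                      # skip comment lines
        /^[ \t]*disable_functions[ \t]*=/ {
            sub(/^[^=]*=/, "")                   # drop "disable_functions ="
            sub(/;.*$/, "")                      # drop a trailing comment
            gsub(/[" \t\r]/, "")                 # drop quotes and whitespace
            value = $0
        }
        END { print value }
    ' "$1"
}

# Print each recommended function that is NOT in the effective list.
missing_functions() {
    disabled=",$(effective_disabled "$1"),"
    for fn in $RECOMMENDED; do
        case "$disabled" in
            *",$fn,"*) ;;                        # exact name match only
            *) printf '%s\n' "$fn" ;;
        esac
    done
}

# Constructed sample php.ini containing both lines from step 1.
demo_ini() {
    cat <<'EOF'
[PHP]
;disable_functions = commented_out_example
disable_functions = phpinfo, system, mail, exec
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
EOF
}

if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp) && demo_ini > "$tmp"
    echo "effective: $(effective_disabled "$tmp")"
    echo "not disabled:" $(missing_functions "$tmp")
    rm -f "$tmp"
fi
```

To cover every function from step 1, merge both lists into a single disable_functions line and re-run the check against your own php.ini.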