What security issues should I have in PHP hosting

Just wanted to know what security warnings I should know about PHP Hosting?

thanks

+4
3 answers

Here are some of the things:

  • Disable functions like eval, passthru, shell_exec, etc.
  • Remote url input, disable allow_url_fopen
  • Disable register_globals

And do not forget:

  • You are also responsible. Write secure code, read the security tutorials out there.

PHP Security Guide

Finally, as suggested by Rook, you should run:

PHPSecInfo script to see the security settings of your host.

http://phpsec.org/projects/phpsecinfo/

For web hosts and development teams

In development environments, make sure you have the appropriate coding standards. If you think you have unsafe code that you did not write, consider installing a web application firewall. Also consider steps to prevent brute-force attacks (for example, if you use popular CMS tools); an intrusion prevention system such as Fail2Ban can help you with this. Many of these issues are covered in this conversation: Practical web security - Junade Ali, the video of the conversation is here.

For PHP, you can also use Suhosin, which adds a number of security features to the PHP core. Be careful, install it first and check your sites to make sure it doesn't break anything.

+4
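The settings named in the answer above can be checked from PHP itself. This is an added example, not part of the original answer or of PHPSecInfo; `audit_php_settings()` is a hypothetical helper, and the functions beyond `passthru` and `shell_exec` in its list are an assumed reading of the answer's "etc.".

```php
<?php
// Added example: audit the php.ini settings mentioned in the answer.
// audit_php_settings() is a hypothetical helper, not a PHP built-in.
function audit_php_settings(array $ini): array
{
    $findings = [];

    // disable_functions is a comma-separated list of function names.
    $raw = strtolower((string) ($ini['disable_functions'] ?? ''));
    $disabled = array_filter(array_map('trim', explode(',', $raw)));

    // eval is a language construct, not a function, so disable_functions
    // has no effect on it; it is deliberately absent from this list.
    // Everything after shell_exec is an assumed expansion of "etc.".
    $wanted = ['passthru', 'shell_exec', 'exec', 'system', 'popen', 'proc_open'];
    foreach (array_diff($wanted, $disabled) as $fn) {
        $findings[] = "disable_functions does not list $fn";
    }

    // ini_get() returns false for directives the running version no longer
    // has (register_globals was removed in PHP 5.4); that counts as "off".
    foreach (['allow_url_fopen', 'register_globals'] as $flag) {
        if (filter_var($ini[$flag] ?? false, FILTER_VALIDATE_BOOLEAN)) {
            $findings[] = "$flag is enabled";
        }
    }
    return $findings;
}

// Values of the PHP instance that is executing this script.
$live = [
    'disable_functions' => ini_get('disable_functions'),
    'allow_url_fopen'   => ini_get('allow_url_fopen'),
    'register_globals'  => ini_get('register_globals'),
];
foreach (audit_php_settings($live) as $finding) {
    echo "[live] $finding\n";
}

// Constructed sample of a weak configuration, to show the output format.
$sample = [
    'disable_functions' => 'passthru, SHELL_EXEC',
    'allow_url_fopen'   => 'On',
    'register_globals'  => '0',
];
foreach (audit_php_settings($sample) as $finding) {
    echo "[sample] $finding\n";
}
```

Run it through the web server rather than only from the command line, because the CLI and the web SAPI often load different php.ini files.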

If you speak as a developer (and not as a hoster), then do not rely on the server - write protected code and you will not be harmed by any php configuration directive.

+1

Clients often have access to Perl, PHP, and shell accounts, which makes it easy for a client to cause a DoS, or denial of service, for all other clients with a poorly written program. There is also external DoS on the entire hosting service, which means that if the server's IP is experiencing a DoS attack, you are experiencing the same problem along with the others. Most often, clients of client hosting solutions also share the IP address with other clients. This scheme often works just fine, but it's important to know that everything that happens to your neighbors using the same IP address as you will also affect you. If your neighbor using the same IP address is blacklisted for spam, everyone else using the IP address will share the same fate. It is very vulnerable to malicious attacks. Other malicious data can be easily uploaded to other sites, putting your site at risk. It can be injected onto the server through legitimate clients' website vulnerabilities and can be used to steal data. DDoS attacks, launched by software downloaded to the server, allow hackers to control the entire hosting server and then attack another server either from the same network or from other networks.

0

Source: https://habr.com/ru/post/1309896/

