提高安全性的最佳 PHP.ini 设置
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17944698/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Best PHP.ini settings to improve security
提问by nish
What core php.inifile settings we need to pay much attention in terms of improving security?
在提高安全性方面我们需要注意哪些核心的php.ini文件设置?
回答by Christos Papoulas
You can begin with:
你可以开始:
http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html
http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html
it has a lot of practices to start dealing with security. This link provides several issues to start with such as:
开始处理安全问题有很多做法。此链接提供了几个问题,例如:
- XSS
- SQL injection
- File uploads
- Including local and remote files
- eval()
- Cross-site request forgery - CSRF
- 跨站脚本攻击
- SQL注入
- 文件上传
- 包括本地和远程文件
- 评估()
- 跨站请求伪造 - CSRF
