[thelist] PHP server security?
Tom Dell'Aringa
pixelmech at gmail.com
Tue Jul 18 12:49:10 CDT 2006
Hi folks,
Doing a simple project that is kind of an aside to a main project I am
working on. The CIO guy there is essentially worried that PHP is a security
risk (and even wanted me to use SSI instead). I've been googling for a best
practices document to set up PHP securely, but am not having much luck.
Can anyone either point me to a practical resource (someting other than the
php manual, I do see that much) that kind of lists the best way to set up a
basic apache PHP installation? Failing that, a simple list of what you
suggest would be great. I know there are things on the developer end as
well, so mentioning those or pointing to those would be great too (the only
thing I can recall right now is something about register_globals).
I'm not sure what version of PHP, but assume 5.
Thanks, and please respond directly to me at tom at g mail dot com if you
can.
Tom
More information about the thelist
mailing list