Introducing 5 PHP security measures for you_PHP Tutorial

WBOY
Release: 2016-07-20 10:58:26
Original
1193 people have browsed it

For many years, PHP has been a stable and inexpensive platform for running web-based applications. Like most web-based platforms, PHP is vulnerable to external attacks. Developers, database architects, and system administrators should all take precautions before deploying PHP applications to servers. Most preventive measures can be accomplished with a few lines of code or slight adjustments to application settings.

1: Manage installation scripts

If the developer has installed a set of PHP scripts for third-party applications, this script is used to install the working components of the entire application , and provide an access point. Most third-party packages recommend deleting the installation scripts contained in this directory after installation. But developers wishing to keep the installation script, they can create a .htaccess file to control administrative access to the directory.

AuthType Basic

AuthName “Administrators Only”

AuthUserFile /usr/local/apache/passwd/passwords

Require valid-user
 

AuthType Basic

AuthName “Administrators Only”

AuthUserFile /usr/local/apache/passwd/passwords Require valid-user

Any unauthorized user who attempts to access a protected directory will see a prompt , asking for a username and password. The password must match the password in the specified "passwords" file.

2: Header file

In many cases, developers can include several scripts distributed in the application into one script. These scripts will contain an "include" directive that integrates the individual files into the original page's code. When an "include" file contains sensitive information, including usernames, passwords, and database access keys, the file should have a ".php" extension instead of the typical ".inc" extension. The ".php" extension ensures that the PHP engine will process the file and prevents any unauthorized access.

http://www.bkjia.com/PHPjc/445674.htmlwww.bkjia.comtrue
http: //www.bkjia.com/PHPjc/445674.html
TechArticle
For many years, PHP has been a stable and cheap platform for running web-based applications. Like most web-based platforms, PHP is vulnerable to external attacks. Developers,...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template