PHP manuál : security.hiding.html

Hiding PHP

PHP Manual
Prev		Next

Chapter 32. Hiding PHP

In general, security by obscurity is one of the weakest forms of security. But in some cases, every little bit of extra security is desirable.

A few simple techniques can help to hide PHP, possibly slowing down an attacker who is attempting to discover weaknesses in your system. By setting expose_php = off in your php.ini file, you reduce the amount of information available to them.

Another tactic is to configure web servers such as apache to parse different filetypes through PHP, either with an .htaccess directive, or in the apache configuration file itself. You can then use misleading file extensions:

Example 32-1. Hiding PHP as another language

# Make PHP code look like other code types
AddType application/x-httpd-php .asp .py .pl

Or obscure it completely:

Example 32-2. Using unknown types for PHP extensions

# Make PHP code look like unknown types
AddType application/x-httpd-php .bop .foo .133t

Or hide it as HTML code, which has a slight performance hit because all HTML will be parsed through the PHP engine:

Example 32-3. Using HTML types for PHP extensions

# Make all PHP code look like HTML
AddType application/x-httpd-php .htm .html

For this to work effectively, you must rename your PHP files with the above extensions. While it is a form of security through obscurity, it's a minor preventative measure with few drawbacks.

Prev	Home	Next
Disabling Magic Quotes	Up	Keeping Current

Webhosting

Registrácia domény Standard Webhosting Classic Webhosting Biznis Webhosting DNS parking PLUS Mini Webhosting Mikro hosting Email hosting Porovnanie hostingov Cenník
Objednávka webhostingu

Registrácia do vyhľadávačov Referencie Reklama Kontakty

Zákaznícka podpora
ICQ:
224765581 offline

e-mail:
support@realdata.sk

Vyhľadávanie

Pomoc, manuály
Často kladené otázky Nastavenia služieb Manuál ku Control Panelu Technické info Manuál PHP [eng] Manuál MySQL [eng]

Webmail

otvor webmail

Zaujímavé linky

Dámske kaderníctvo

Dajte svojim vlasom
nový vzhľad
Salón Andrea

inzerat.sk - bezplatna inzercia, inzeraty, autobazar, reality

Slovak companies and manufacturers directory

Katalog slovenskych firiem a vyrobkov
Suppliers and products directory

created by RealData (2005)

www.realdata.sk

Všetky ceny sú s 19% DPH. Konverzny kurz: 1 EUR = 30,1260 SKK
Ceny nezahŕňajú ročný udržiavací poplatok za doménu, ktorý platíme jednotlivým správcom domén.

stránka vygenerovaná za 0.2759s