Now a days PHP Language is very popular among developers to develop large applications like facebook etc. So here I am going to tell how to secure your PHP applications in a simple steps.
File handling functions like
includeaccept URLs as file parameters (for example:
fopen('http://www.example.com/', 'r')). Even though this enables developers to access remote resources like HTTP URLs, it poses as a huge security risk if the filename is taken from user input without proper sanitization, and opens the door for remote code execution on the server. To disable this and limit file functions to local system, use the following setting in php.ini:
To read more about this article Click Here