Nowadays PHP is very popular among developers for building large applications like Facebook. So here I am going to explain how to secure your PHP applications in a few simple steps.
File handling functions like fopen, file_get_contents, and include accept URLs as file parameters (for example: fopen('http://www.example.com/', 'r')). Even though this enables developers to access remote resources like HTTP URLs, it poses a huge security risk if the filename is taken from user input without proper sanitization, and opens the door for remote code execution on the server. To disable this and limit file functions to the local system, use the following setting in php.ini:
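As an added example (not code from the original post): the php.ini directives that govern this behaviour are allow_url_fopen and allow_url_include, and the sketch below flags them when enabled and resolves a user-supplied page name to a local file before it could reach include. The function names, the temporary pages_ directory and the sample inputs are assumptions constructed for the illustration.

```php
<?php
// Added example; function names, the temp directory and sample inputs are assumptions.

// Report php.ini directives that still let file functions reach remote URLs.
function urlWrapperFindings(): array
{
    $findings = [];
    foreach (['allow_url_fopen', 'allow_url_include'] as $directive) {
        // ini_get() returns the value as a string ("1", "0", "") or false.
        if (filter_var(ini_get($directive), FILTER_VALIDATE_BOOLEAN)) {
            $findings[] = "$directive is enabled; set \"$directive = Off\" in php.ini";
        }
    }
    return $findings;
}

// Resolve a user-supplied page name to a local file, or null if not permitted.
function resolvePage(string $name, string $baseDir): ?string
{
    // Character allowlist: no scheme separators, slashes or dots survive.
    if (!preg_match('/\A[a-z0-9_-]{1,64}\z/', $name)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name . '.php');
    // realpath() returns false for missing files; also confirm containment.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: a temp directory with one page, then sample inputs.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pages_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'home.php', "<?php echo 'home';\n");

foreach (urlWrapperFindings() as $finding) {
    echo "[config] $finding\n";
}
foreach (['home', 'http://www.example.com/', '../home', 'missing'] as $input) {
    $resolved = resolvePage($input, $dir);
    echo str_pad($input, 26), $resolved === null ? 'rejected' : 'allowed', "\n";
}
unlink($dir . DIRECTORY_SEPARATOR . 'home.php');
rmdir($dir);
```

Turning the directives off in php.ini removes the remote-URL path; the allowlist check still matters because a user-controlled filename can also point at unintended local files.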