Google ads Horizontal

Thursday, November 26, 2015

HOW TO SECURE YOUR SERVER FROM PHP SHELLS!

Adding these code in your php.ini file will protect your server from execution of Shells like c99 or b374k
?
1
2
3
4
5
6
7
8
disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abord, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpaththru, virtual, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix, _getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,popen,popen,pcntl_exec,
socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect
safe_mode = On
register_globals = Off
display_errors = Off
allow_url_fopen = Off
allow_url_include = Off
enable open_basedir(set it to webroot path)