Hello,
Got a question about hardening php and figure I will ask it here since so many of us use it on our servers.
PHP.INI settings: Disable exec, shell_exec, system, popen and Other Functions To Improve Security
That article recommends setting these directives in php.ini:
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
Is it likely that disabling these functions will have any affect on standard drupal or wordpress installs? Do you recommend disabling any others? Or any other general hardening tips?
I use modsuphp, disabled shell access, latest version of php 5.3 & 5.4 (migrating all to 5.4), keep apache up-to-date, etc.
Thank you.
Got a question about hardening php and figure I will ask it here since so many of us use it on our servers.
PHP.INI settings: Disable exec, shell_exec, system, popen and Other Functions To Improve Security
That article recommends setting these directives in php.ini:
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
Is it likely that disabling these functions will have any affect on standard drupal or wordpress installs? Do you recommend disabling any others? Or any other general hardening tips?
I use modsuphp, disabled shell access, latest version of php 5.3 & 5.4 (migrating all to 5.4), keep apache up-to-date, etc.
Thank you.