Apache security

0-Day · 02-03-2016, 10:37 PM

This topic will show you how to quickly and easily protect your apache server.

disable dangerous functions:

Quote:disable_functions = "ini_restore,copy,file_put_contents,ln,readlink,tmpfile,php_ini_scanned_files,posix_isatty,getrlimit,posix,posix_strerror,posix_getgroups,posix_getlogin,set_time_limit,getmypid,chown,getmygid,error_log,posix_get_last_error,session_save_path,ini_get_all,phpinfo,php_uname,closelog,crack_opendict,highlight_file,cat,crack_check,crack_getlastmessage,crack_closedict,ftp_exec,tempnam,chgrp,popen,pclose,posix_getpwuid,proc_get_status,proc_close,proc_open,proc_nice,posix_getgrgid,posix_kill,parse_perms,system,dl,passthru,exec,getcwd,shell_exec,get_loaded_extensions,popen,stream_select,rename,proc_close,proc_get_status,proc_nice,proc_open,escapeshellcmd,escapeshellarg,show_source,posix_mkfifo,mysql_list_dbs,get_current_user,getmyuid,pconnect,link,symlink,pcntl_exec,ini_alter,pfsockopen,leak,apache_child_terminate,posix_kill,posix_setpgid,posix_setuid,proc_terminate,syslog,fpassthru,stream_select,socket_select,socket_create,socket_create_listen,socket_create_pair,socket_listen,socket_accept,socket_bind,socket_strerror,pcntl_fork,pcntl_signal,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,openlog,apache_get_modules,apache_get_version,disk_total_space,diskfreespace,apache_getenv,apache_note,apache_setenv,virtual,chmod,file_upload,delete,deleted,edit,cmd,rename,unlink,mkdir,mv,touch,cp,cd,pico,dir,"

Enable open_basedir:

Find ;open_basedir = or open_basedir = and change your time with directory on your site

Example:
open_basedir = "/var/www/html/"

Apache security

Submitted by 0-Day, 02-03-2016, 10:37 PM, Thread ID: 18995