PHP security hardening and disabled functions


1. Disable functions

; eval is a language construct, not a function, so disable_functions does not block it.
disable_functions = phpinfo,eval,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popen,stream_socket_server,fsocket,fsockopen

2. Hide the PHP version

expose_php = Off

3. The session name can reveal that your server runs PHP

session.name = PHPSESSID

Disguise it as Tomcat:

session.name = JSESSIONID

4. Hide PHP error messages

display_errors = Off

5. Default timeout for socket streams, in seconds

default_socket_timeout = 60

6. Whether remote files may be included; turn this off in production, it is a security risk

allow_url_include = Off

7. Whether remote files may be opened

allow_url_fopen = On

8. Maximum size of a single uploaded file

upload_max_filesize = 2M

9. Maximum amount of data PHP accepts in a POST request

post_max_size = 8M

10. Whether to show errors raised during PHP startup; turn this off in production

display_startup_errors = Off

11. Enable acceleration

zend_extension=opcache.so
opcache.enable=1
opcache.enable_cli=1

opcache.huge_code_pages=1

12. Other settings

mysqlnd.collect_statistics = Off

sysctl vm.nr_hugepages=512

Add support in php.ini:
short_open_tag = On
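
The following added example (not part of the original post) audits php.ini text against the settings above: the directives the page turns Off, the command-execution entries of disable_functions, and the session.name advice. The names parse_ini, audit and SAMPLE are hypothetical, the sample configuration is constructed, and the parser assumes every ';' starts a comment.

```python
# Added example: hypothetical helper names, constructed sample input.
BOOL_OFF = {"off", "0", "false", "no", "none", ""}

# Directives the page sets to Off.
MUST_BE_OFF = ["expose_php", "display_errors", "display_startup_errors",
               "allow_url_include"]
# Command-execution functions taken from the page's disable_functions list.
MUST_DISABLE = {"passthru", "exec", "system", "shell_exec", "proc_open"}


def parse_ini(text):
    """Return {directive: value}; a later line overrides an earlier one."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # assumption: ';' always starts a comment
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip().lower()] = value.strip().strip('"')
    return settings


def audit(text):
    """Return a sorted list of findings; an empty list means every check passed."""
    cfg, findings = parse_ini(text), []
    for name in MUST_BE_OFF:
        if name not in cfg:
            findings.append(f"{name}: not set, PHP default applies")
        elif cfg[name].lower() not in BOOL_OFF:
            findings.append(f"{name}: expected Off, found {cfg[name]}")
    disabled = {f.strip().lower() for f in cfg.get("disable_functions", "").split(",")}
    for func in sorted(MUST_DISABLE - disabled):
        findings.append(f"disable_functions: {func} is not listed")
    if cfg.get("session.name", "PHPSESSID") == "PHPSESSID":
        findings.append("session.name: PHPSESSID identifies PHP")
    return sorted(findings)


# Constructed sample input, not a real server's configuration.
SAMPLE = """
[PHP]
expose_php = Off
display_errors = On        ; left over from debugging
allow_url_include = Off
disable_functions = exec,system,passthru
session.name = JSESSIONID
display_errors = Off       ; later line wins
"""
print("\n".join(audit(SAMPLE)))
```

An empty result from audit() means the file matches the checked settings; it says nothing about directives overridden elsewhere, for example in per-directory or pool configuration.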

Websites:

https://www.cnblogs.com/yulibostu/articles/9791668.html#idp11

https://www.cnblogs.com/wadeyu/p/10707169.html
