irobust

PHP Configuration Check List

Nov 1st, 2018
  1. <?php
  2. // === DoS ===
  3. // Maximum time a script can execute
  4.   max_execution_time = 30
  5.  
  6.   // Maximum time a script can spend parsing request data
  7.   max_input_time = 7200
  8.  
  9.   // Max memory a script can consume
  10.   memory_limit = 128M
  11.  
  12.   // Limit the amount of data that can be POSTed to the
  13.   // server.  This affects file uploads as well.
  14.   post_max_size = 4M
  15.  
  16.   // Limit the maximum size of a file uploaded to the server.
  17.   upload_max_filesize = 4M
  18.  
  19.   // Limit the number of files that can be uploaded at a
  20.   // single time.
  21.   max_file_uploads = 10
  22.  
  23. // === Loging ===
  24.  
  25. error_reporting = E_ALL & ~E_DEPRECATED
  26. display_errors = Off
  27. display_startup_errors = Off
  28. log_errors = On
  29. log_errors_max_len = 1024
  30.  
  31. // Do not ignore errors, log them all
  32. ignore_repeated_errors = Off
  33. ignore_repeated_source = Off
  34.  
  35. // === Session ===
  36. // Save sessions as files in a specific directory
  37.   session.save_handler = files
  38.   session.save_path = "/tmp/phpsessions"
  39.  
  40.   // Require the use of cookies to prevent session
  41.   // ID's from being included in URL's
  42.   session.use_cookies = 1
  43.   session.use_only_cookies = 1
  44.   session.use_trans_sid = 0
  45.  
  46.   // Set the "secure" and "httponly" flags on the
  47.   // cookie.  This will prevent the cookie from
  48.   // being sent over an HTTP connection or being
  49.   // accessed by JavaScript, helping prevent
  50.   // session hijacking attacks via XSS.
  51.   session.cookie_secure = true
  52.   session.cookie_httponly = true
  53.  
  54.   // Set cookie path and domain information to
  55.   // limit where the cookie can be used, thus
  56.   // protecting session data.
  57.   session.cookie_path = /codewatch/
  58.   session.cookie_domain = www.codewatch.org
  59.  
  60.   // Set the cookie to delete once the browser
  61.   // is closed.
  62.   session.cookie_lifetime = 0
  63.  
  64.   // Perform garbage collection on session data
  65.   // after 15 minutes of inactivity.
  66.   session.gc_maxlifetime = 900
  67.  
  68.   // Use a secure source for generating random
  69.   // session ID's (set to a non-zero value
  70.   // on Windows systems.
  71.   session.entropy_file = /dev/urandom
  72.  
  73.   // Use a strong hashing algorithm to create
  74.   // the session ID and use as many characters
  75.   // as possible to reduce the likeliness that
  76.   // the session ID can be guessed or hijacked.
  77.   session.hash_function = 'sha512'
  78.   session.hash_bits_per_character = 6
  79.  
  80.   // Send the nocache directive in HTTP(S)
  81.   // responses to ensure the page can't be
  82.   // cached.  In addition, set the time-to-
  83.   // live for the page to a low value.
  84.   session.cache_limiter = nocache
  85.   session.cache_expire = 15
  86.  
  87.   // === allow url ===
  88.   allow_url_fopen = Off
  89.   allow_url_include = Off
  90.  
  91.   // === register ===
  92.   register_globals = Off
  93.   register_long_arrays = Off
  94.   register_argc_argv = Off
  95.  
  96.   // ==== disable functions ====
  97.  disable_functions="exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source,phpinfo"