« Incoming Mail and PHP
PHP5 Object Oriented Exceptions »

Hiding PHP

Hiding PHP

Hiding PHP
========

Using some simple techniques to hide PHP, possibly slowing down an attacker who is attempting to discover weaknesses in your system.
By setting expose_php = off in your php.ini file, you can reduce the amount of information available to them.

Another method is to configure web servers such as apache to parse different filetypes through PHP, either with an .htaccess directive, or in the apache configuration file itself. You can then use misleading file extensions:

Example
======
Hiding PHP as another language

# Make PHP code look like other code types
AddType application/x-httpd-php .asp .py .pl

Example
======
Using unknown types for PHP extensions

# Make PHP code look like unknown types
AddType application/x-httpd-php .bop .foo .133t

Example
======
Using HTML types for PHP extensions

# Make all PHP code look like HTML
AddType application/x-httpd-php .htm .html

This entry was posted on Wednesday, December 27th, 2006 at 1:00 pm and is filed under php programming. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.

All material @ copyrighted by chrisranjana.com. If you want to link to this article you are welcome to do so. Unauthorized publication is strictly prohibited. This developer tutorial website contains articles by Php programmers , Software developers, Mysql programmers and asp c# programmers. This website also contains ajax tutorials and advanced mysql sql stored procedures and functions tutorials and sample codes.